2 matches found
CVE-2008-6351
Summary (CVE-2008-6351) : A cross-site scripting (XSS) vulnerability affects TurnkeyForms Local Classifieds in the file listtest.php , exploitable via the r parameter. The issue allows remote attackers to inject arbitrary web script or HTML. The provided documents do not specify affected versions...
CVE-2008-6350
CVE-2008-6350 defines an SQL injection vulnerability in listtest.php of TurnkeyForms Local Classifieds. The flaw allows remote attackers to inject SQL via the r parameter and execute arbitrary commands, with a CVSS2 base score of 7.5 (HIGH) and network/low complexity conditions. Affected componen...