CVE-2009-2914

The CVE-2009-2914 issue applies to XZero Community Classifieds (versions up to 4.97.8). It is a Cross-site Scripting (XSS) vulnerability in index.php that allows remote attackers to inject arbitrary web script or HTML via the name of an uploaded file. The connected sources confirm the affected pr...

CVE-2009-2893

CVE-2009-2893 affects XZero Community Classifieds 4.97.8. The vulnerability is a cross-site scripting (XSS) flaw in index.php that allows remote attackers to inject arbitrary script or HTML via (1) the postevent parameter in a post action, or (2) the _xzcal_y parameter. The public descriptions id...

CVE-2009-2913

CVE-2009-2913 affects XZero Community Classifieds 4.97.8. A cross-site scripting (XSS) vulnerability exists in index.php that allows remote attackers to inject arbitrary script/HTML via the URI. According to NVD, impact is partial integrity impact with no confidentiality or availability impact; e...