Openautoclassifieds: Security Vulnerabilities
Multiple SQL injection vulnerabilities in Open Auto Classifieds 1.4.3b allow remote attackers to execute arbitrary SQL commands via (1) the id parameter to listings.php and (2) the username field to login.php.
CVSS Score
7.5
EPSS Score
0.004
Published
2009-04-07
Cross-site scripting (XSS) vulnerability in friendmail.php in OpenAutoClassifieds 1.0 allows remote attackers to inject arbitrary web script or HTML via the listing parameter.
CVSS Score
6.8
EPSS Score
0.012
Published
2003-11-03