Deltascripts: >> Php Classifieds >> 7.1 Security Vulnerabilities
SQL injection vulnerability in detail.php in DeltaScripts PHP Classifieds 7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the siteid parameter, a different vector than CVE-2006-5828.
CVSS Score
7.5
EPSS Score
0.002
Published
2008-12-31
SQL injection vulnerability in login.php in DeltaScripts PHP Classifieds 7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the admin_username parameter (aka admin field). NOTE: some of these details are obtained from third party information.
CVSS Score
7.5
EPSS Score
0.005
Published
2008-12-31
SQL injection vulnerability in detail.php in DeltaScripts PHP Classifieds 7.1 and earlier allows remote attackers to execute arbitrary SQL commands via the user_id parameter.
CVSS Score
7.5
EPSS Score
0.005
Published
2006-11-10
PHP remote file inclusion vulnerability in functions.php in DeltaScripts PHP Classifieds 7.1 allows remote attackers to execute arbitrary PHP code via a URL in the set_path parameter.
CVSS Score
7.5
EPSS Score
0.007
Published
2006-10-26
Multiple SQL injection vulnerabilities in PHP Classifieds 7.1 allow remote attackers to execute arbitrary SQL commands via (1) the catid_search parameter in search.php and (2) the catid parameter in index.php.
CVSS Score
7.5
EPSS Score
0.009
Published
2006-10-10