Cross-site scripting (XSS) vulnerability in AddAsset1.php in PHP/MySQL Classifieds (PHP Classifieds) allows remote attackers to execute arbitrary SQL commands via the (1) ProductName ("Title" field), (2) url, and (3) Description parameters, possibly related to issues in add1.php.
References
Configurations
History
21 Nov 2024, 00:13
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/20880 - Vendor Advisory | |
References | () http://securityreason.com/securityalert/1179 - | |
References | () http://securitytracker.com/id?1016407 - | |
References | () http://www.securityfocus.com/archive/1/438667/100/0/threaded - | |
References | () http://www.securityfocus.com/bid/18713 - | |
References | () http://www.securityfocus.com/bid/18717 - | |
References | () http://www.vupen.com/english/advisories/2006/2589 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/27454 - |
Information
Published : 2006-06-30 23:05
Updated : 2024-11-21 00:13
NVD link : CVE-2006-3330
Mitre link : CVE-2006-3330
CVE.ORG link : CVE-2006-3330
JSON object : View
Products Affected
deltascripts
- php_classifieds
CWE