Multiple SQL injection vulnerabilities in PHP Classifieds Script allow remote attackers to execute arbitrary SQL commands via the fatherID parameter to (1) browse.php and (2) search.php.
References
Configurations
History
No history.
Information
Published : 2008-05-27 14:32
Updated : 2024-02-28 11:21
NVD link : CVE-2008-2453
Mitre link : CVE-2008-2453
CVE.ORG link : CVE-2008-2453
JSON object : View
Products Affected
phpclassifiedsscript
- php_classifieds_script
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')