CVE-2006-5208

Multiple SQL injection vulnerabilities in PHP Classifieds 7.1 allow remote attackers to execute arbitrary SQL commands via (1) the catid_search parameter in search.php and (2) the catid parameter in index.php.

Score7.5
Access VectorNETWORK
Access ComplexityLOW
AuthenticationNONE
Confidentiality ImpactPARTIAL
Integrity ImpactPARTIAL
Availability ImpactPARTIAL
Published2006-10-10 12:06:00.000-04
Last Modified2017-10-18 09:29:30.000-04

Vulnerable Software List

VendorProductVersions
Deltascripts Php Classifieds 7.1

References

SourceLink
MISChttp://kzar.co.uk/exploits/phpclassifieds_exploit
BID20359
VUPENADV-2006-3924
XFphpclassifieds-index-sql-injection(29354)
EXPLOIT-DB2479