← volver
CVE-2006-3330

CVE-2006-3330

EPSS 1.5%
Cross-site scripting (XSS) vulnerability in AddAsset1.php in PHP/MySQL Classifieds (PHP Classifieds) allows remote attackers to execute arbitrary SQL commands via the (1) ProductName ("Title" field), (2) url, and (3) Description parameters, possibly related to issues in add1.php.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://secunia.com/advisories/20880http://securityreason.com/securityalert/1179http://securitytracker.com/id?1016407https://exchange.xforce.ibmcloud.com/vulnerabilities/27454http://www.securityfocus.com/archive/1/438667/100/0/threadedhttp://www.securityfocus.com/bid/18713http://www.securityfocus.com/bid/18717http://www.vupen.com/english/advisories/2006/2589