EDB-4794
webappsphpVERIFIED
XZero Community Classifieds 4.95.11 - Local File Inclusion / SQL Injection
CVE-2007-6567CVE-2007-6566
Kw3[R]Ln12/26/2007
説明
SQL injection vulnerability in post.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to execute arbitrary SQL commands via the subcatid parameter to index.php.
AI分析AIによる分析
影響を受ける製品
xzero_scriptsxzero_community_classifieds
4.95.11
利用可能なエクスプロイト (1)
参照
- http://en.rstzone.org/xzero-community-classifieds-v4-95-11-lfi-sql-in-t9394.rst
- http://osvdb.org/39740
- http://secunia.com/advisories/28250
- http://www.securityfocus.com/archive/1/485545/100/0/threaded
- http://www.securityfocus.com/bid/27042Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39259
- https://www.exploit-db.com/exploits/4794
- http://en.rstzone.org/xzero-community-classifieds-v4-95-11-lfi-sql-in-t9394.rst
- http://osvdb.org/39740
- http://secunia.com/advisories/28250
- http://www.securityfocus.com/archive/1/485545/100/0/threaded
- http://www.securityfocus.com/bid/27042Exploit
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39259
- https://www.exploit-db.com/exploits/4794