EDB-4794webappsphpVERIFICADO

XZero Community Classifieds 4.95.11 - Local File Inclusion / SQL Injection

Kw3[R]Ln12/26/2007

Ver no Exploit-DB Ver Fonte no GitLab

Análise IADesenvolvido por IA

Código do Exploit

Exploit code not available in database

Ver Fonte no GitLab

CVEs Relacionados (2)

CVE-2007-6567

NONE

Directory traversal vulnerability in index.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pagenam

Directory traversal vulnerability in index.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pagenam...

12/28/2007CWE-22

CVE-2007-6566

NONE

SQL injection vulnerability in post.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to execute arbitrary SQL commands via the subcatid parameter to index.php.

12/28/2007CWE-89