EDB-4794webappsphp已验证

XZero Community Classifieds 4.95.11 - Local File Inclusion / SQL Injection

Kw3[R]Ln12/26/2007

在Exploit-DB查看在GitLab查看源代码

AI分析AI驱动

漏洞利用代码

Exploit code not available in database

在GitLab查看源代码

CVE-2007-6567

NONE

Directory traversal vulnerability in index.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pagenam

Directory traversal vulnerability in index.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pagenam...

12/28/2007CWE-22

CVE-2007-6566

NONE

SQL injection vulnerability in post.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to execute arbitrary SQL commands via the subcatid parameter to index.php.

12/28/2007CWE-89