deltascripts php_classifieds CVE 漏洞(12)

CVE 数: 12 CPE versions: View versions table

摘要

本页列出影响 deltascripts php_classifieds 的已公开 CVE 漏洞(通过 NVD CPE 关联)。每行包含严重程度评分、摘要与发布日期,便于识别与分析安全问题。

显示 11212 CVE 数
«« 第一页 « 上一页 第 1 / 1 页 下一页 »
CVE 摘要 来源 最高 CVSS EPSS % 公开时间 更新时间
CVE-2010-4914 PHP remote file inclusion vulnerability in tools/phpmailer/class.phpmailer.php in PHP Classifieds 7.3 allows remote attackers to execute arbitrary PHP code via a URL in the lang_path parameter. [email protected] 7.5 2.11% 2011-10-08 2026-06-16
CVE-2008-5806 SQL injection vulnerability in login.php in DeltaScripts PHP Classifieds 7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the admin_username parameter (aka admin field). NOTE: some of these details are obtained from third party information. [email protected] 7.5 1.15% 2008-12-31 2026-06-16
CVE-2008-5805 SQL injection vulnerability in detail.php in DeltaScripts PHP Classifieds 7.5 and earlier allows remote attackers to execute arbitrary SQL commands via the siteid parameter, a different vector than CVE-2006-5828. [email protected] 7.5 1.00% 2008-12-31 2026-06-16
CVE-2007-2254 PHP remote file inclusion vulnerability in admin/setup/level2.php in PHP Classifieds 6.04, and probably earlier versions, allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. NOTE: this product was referred to as "Allfaclassfieds" in the original disclosure. [email protected] 7.5 1.36% 2007-04-25 2026-06-16
CVE-2006-5828 SQL injection vulnerability in detail.php in DeltaScripts PHP Classifieds 7.1 and earlier allows remote attackers to execute arbitrary SQL commands via the user_id parameter. [email protected] 7.5 1.08% 2006-11-09 2026-06-16
CVE-2006-5520 PHP remote file inclusion vulnerability in functions.php in DeltaScripts PHP Classifieds 7.1 allows remote attackers to execute arbitrary PHP code via a URL in the set_path parameter. [email protected] 7.5 1.39% 2006-10-26 2026-06-16
CVE-2006-5208 Multiple SQL injection vulnerabilities in PHP Classifieds 7.1 allow remote attackers to execute arbitrary SQL commands via (1) the catid_search parameter in search.php and (2) the catid parameter in index.php. [email protected] 7.5 1.21% 2006-10-10 2026-06-16
CVE-2006-3330 Cross-site scripting (XSS) vulnerability in AddAsset1.php in PHP/MySQL Classifieds (PHP Classifieds) allows remote attackers to execute arbitrary SQL commands via the (1) ProductName ("Title" field), (2) url, and (3) Description parameters, possibly related to issues in add1.php. [email protected] 6.8 1.46% 2006-06-30 2026-06-16
CVE-2006-3329 SQL injection vulnerability in search.php in PHP/MySQL Classifieds (PHP Classifieds) allows remote attackers to execute arbitrary SQL commands via the rate parameter. [email protected] 7.5 1.10% 2006-06-30 2026-06-16
CVE-2006-1532 Cross-site scripting (XSS) vulnerability in search.php in PHP Classifieds 6.18, 6.20, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the searchword parameter. [email protected] 4.3 1.30% 2006-03-30 2026-06-16
CVE-2006-0719 SQL injection vulnerability in member_login.php in PHP Classifieds 6.18 through 6.20 allows remote attackers to execute arbitrary SQL commands via the (1) username parameter, which is used by the E-mail address field, and (2) password parameter. [email protected] 7.5 1.24% 2006-02-15 2026-06-16
CVE-2002-1702 Cross-site scripting vulnerability (XSS) in DeltaScripts PHP Classifieds 6.0.5 allows remote attackers to execute arbitrary script as other users via the URL parameter. [email protected] 4.3 1.73% 2002-12-31 2026-06-16
«« 第一页 « 上一页 第 1 / 1 页 下一页 »
cvelogic Threat Intelligence