Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
smartisoft phpbazar 2.1.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-4221
SQL injection vulnerability in classified.php in phpBazar 2.1.1fix and previous versions allows remote malicious users to execute arbitrary SQL commands via the catid parameter, a different vector than CVE-2008-3767.
Smartisoft Phpbazar 2.0.2
Smartisoft Phpbazar
Smartisoft Phpbazar 2.1.1
Smartisoft Phpbazar 2.1.0
1 EDB exploit
NA
CVE-2009-4222
phpBazar 2.1.1fix and previous versions does not require administrative authentication for admin/admin.php, which allows remote malicious users to obtain access to the admin control panel via a direct request.
Smartisoft Phpbazar 2.0.2
Smartisoft Phpbazar 2.1.0
Smartisoft Phpbazar 2.1.1fix
Smartisoft Phpbazar
1 EDB exploit
NA
CVE-2006-2527
Admin/admin.php in phpBazar 2.1.0 and previous versions allows remote malicious users to bypass the authentication process and gain unauthorized access to the administrative section by setting the action parameter to edit_member and the value parameter to 1.
Smartisoft Phpbazar 2.1.0
1 EDB exploit
NA
CVE-2006-2528
PHP remote file inclusion vulnerability in classified_right.php in phpBazar 2.1.0 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the language_dir parameter.
Smartisoft Phpbazar 2.1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started