Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
smartisoft phpbazar vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-4222
phpBazar 2.1.1fix and previous versions does not require administrative authentication for admin/admin.php, which allows remote malicious users to obtain access to the admin control panel via a direct request.
Smartisoft Phpbazar 2.0.2
Smartisoft Phpbazar 2.1.0
Smartisoft Phpbazar 2.1.1fix
Smartisoft Phpbazar
1 EDB exploit
NA
CVE-2009-4221
SQL injection vulnerability in classified.php in phpBazar 2.1.1fix and previous versions allows remote malicious users to execute arbitrary SQL commands via the catid parameter, a different vector than CVE-2008-3767.
Smartisoft Phpbazar 2.0.2
Smartisoft Phpbazar
Smartisoft Phpbazar 2.1.1
Smartisoft Phpbazar 2.1.0
1 EDB exploit
NA
CVE-2006-2527
Admin/admin.php in phpBazar 2.1.0 and previous versions allows remote malicious users to bypass the authentication process and gain unauthorized access to the administrative section by setting the action parameter to edit_member and the value parameter to 1.
Smartisoft Phpbazar 2.1.0
1 EDB exploit
NA
CVE-2010-2315
PHP remote file inclusion vulnerability in picturelib.php in SmartISoft phpBazar 2.1.1 allows remote malicious users to execute arbitrary PHP code via a URL in the cat parameter.
Smartisoft Phpbazar 2.1.1
1 EDB exploit
NA
CVE-2006-2528
PHP remote file inclusion vulnerability in classified_right.php in phpBazar 2.1.0 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the language_dir parameter.
Smartisoft Phpbazar 2.1.0
1 EDB exploit
NA
CVE-2008-3767
SQL injection vulnerability in classified.php in phpBazar 2.0.2 allows remote malicious users to execute arbitrary SQL commands via the adid parameter.
Smartisoft Phpbazar 2.0.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started