Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
smartisoft phpbazar vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2009-4221
SQL injection vulnerability in classified.php in phpBazar 2.1.1fix and previous versions allows remote malicious users to execute arbitrary SQL commands via the catid parameter, a different vector than CVE-2008-3767.
Smartisoft Phpbazar 2.0.2
Smartisoft Phpbazar
Smartisoft Phpbazar 2.1.1
Smartisoft Phpbazar 2.1.0
1 EDB exploit
755
VMScore
CVE-2009-4222
phpBazar 2.1.1fix and previous versions does not require administrative authentication for admin/admin.php, which allows remote malicious users to obtain access to the admin control panel via a direct request.
Smartisoft Phpbazar 2.0.2
Smartisoft Phpbazar 2.1.0
Smartisoft Phpbazar 2.1.1fix
Smartisoft Phpbazar
1 EDB exploit
755
VMScore
CVE-2010-2315
PHP remote file inclusion vulnerability in picturelib.php in SmartISoft phpBazar 2.1.1 allows remote malicious users to execute arbitrary PHP code via a URL in the cat parameter.
Smartisoft Phpbazar 2.1.1
1 EDB exploit
755
VMScore
CVE-2008-3767
SQL injection vulnerability in classified.php in phpBazar 2.0.2 allows remote malicious users to execute arbitrary SQL commands via the adid parameter.
Smartisoft Phpbazar 2.0.2
1 EDB exploit
755
VMScore
CVE-2006-2527
Admin/admin.php in phpBazar 2.1.0 and previous versions allows remote malicious users to bypass the authentication process and gain unauthorized access to the administrative section by setting the action parameter to edit_member and the value parameter to 1.
Smartisoft Phpbazar 2.1.0
1 EDB exploit
645
VMScore
CVE-2006-2528
PHP remote file inclusion vulnerability in classified_right.php in phpBazar 2.1.0 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the language_dir parameter.
Smartisoft Phpbazar 2.1.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started