Multiple SQL injection vulnerabilities in BM Classifieds 20080309 and previous versions allow remote malicious users to execute arbitrary SQL commands via the (1) cat parameter to showad.php and the (2) ad parameter to pfriendly.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bmscripts bm classifieds |