Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2008-6543

Published: 30/03/2009 Updated: 17/08/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 930
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Comscripts

Vulnerability Summary

Multiple PHP remote file inclusion vulnerabilities in ComScripts TEAM Quick Classifieds 1.0 via the DOCUMENT_ROOT parameter to (1) index.php3, (2) locate.php3, (3) search_results.php3, (4) classifieds/index.php3, and (5) classifieds/view.php3; (6) index.php3, (7) manager.php3, (8) pass.php3, (9) remember.php3 (10) sign-up.php3, (11) update.php3, (12) userSet.php3, and (13) verify.php3 in controlcenter/; (14) alterCats.php3, (15) alterFeatured.php3, (16) alterHomepage.php3, (17) alterNews.php3, (18) alterTheme.php3, (19) color_help.php3, (20) createdb.php3, (21) createFeatured.php3, (22) createHomepage.php3, (23) createL.php3, (24) createM.php3, (25) createNews.php3, (26) createP.php3, (27) createS.php3, (28) createT.php3, (29) index.php3, (30) mailadmin.php3, and (31) setUp.php3 in controlpannel/; (32) include/sendit.php3 and (33) include/sendit2.php3; and possibly (34) include/adminHead.inc, (35) include/usersHead.inc, and (36) style/default.scheme.inc.

Vulnerable Product Search on Vulmon Subscribe to Product

comscripts quick classifieds 1.0

Exploits

Exploit DB: Quick Classifieds 1.0 - '/controlpannel/alterNews.php3?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also p ...
Exploit DB: Quick Classifieds 1.0 - 'controlcenter/update.php3?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible ...
Exploit DB: Quick Classifieds 1.0 - 'include/usersHead.inc?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underly ...
Exploit DB: Quick Classifieds 1.0 - 'include/sendit2.php3?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underlying ...
Exploit DB: Quick Classifieds 1.0 - 'include/sendit.php3?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underlying sy ...
Exploit DB: Quick Classifieds 1.0 - 'controlpannel/createT.php3?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underlying system; ot ...
Exploit DB: Quick Classifieds 1.0 - 'controlpannel/alterTheme.php3?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also ...
Exploit DB: Quick Classifieds 1.0 - 'controlpannel/color_help.php3?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are al ...
Exploit DB: Quick Classifieds 1.0 - '/controlpannel/createNews.php3?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underlying system; other at ...
Exploit DB: Quick Classifieds 1.0 - 'Classifieds/view.php3?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible Quick Clas ...
Exploit DB: Quick Classifieds 1.0 - 'controlpannel/alterCats.php3?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possibl ...
Exploit DB: Quick Classifieds 1.0 - 'controlcenter/index.php3?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible Quick C ...
Exploit DB: Quick Classifieds 1.0 - 'controlpannel/alterHomepage.php3?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also pos ...
Exploit DB: Quick Classifieds 1.0 - 'controlpannel/index.php3?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underlying system; ...
Exploit DB: Quick Classifieds 1.0 - 'locate.php3?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible Quick Classifieds 1 ...
Exploit DB: Quick Classifieds 1.0 - 'controlcenter/pass.php3?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible Q ...
Exploit DB: Quick Classifieds 1.0 - 'search_results.php3?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible Quick Classified ...
Exploit DB: Quick Classifieds 1.0 - 'include/adminHead.inc?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underlyin ...
Exploit DB: Quick Classifieds 1.0 - 'controlpannel/setUp.php3?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underlying syst ...
Exploit DB: Quick Classifieds 1.0 - 'controlpannel/createS.php3?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underlying system; othe ...
Exploit DB: Quick Classifieds 1.0 - 'controlpannel/createP.php3?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underlying system; other ...
Exploit DB: Quick Classifieds 1.0 - 'controlpannel/createdb.php3?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are ...
Exploit DB: Quick Classifieds 1.0 - 'controlcenter/userSet.php3?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible ...
Exploit DB: Quick Classifieds 1.0 - 'Classifieds/index.php3?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible Quick Classif ...
Exploit DB: Quick Classifieds 1.0 - 'index.php3?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible Quick Classifieds 10 ...
Exploit DB: Quick Classifieds 1.0 - 'controlpannel/createM.php3?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underlying system; other atta ...
Exploit DB: Quick Classifieds 1.0 - 'controlpannel/createL.php3?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attack ...
Exploit DB: Quick Classifieds 1.0 - 'controlpannel/createHomepage.php3?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks ...
Exploit DB: Quick Classifieds 1.0 - 'controlcenter/sign-up.php3?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible ...
Exploit DB: Quick Classifieds 1.0 - 'controlcenter/manager.php3?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible Quic ...
Exploit DB: Quick Classifieds 1.0 - 'controlcenter/remember.php3?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible ...
Exploit DB: Quick Classifieds 1.0 - 'style/default.scheme.inc?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the under ...
Exploit DB: Quick Classifieds 1.0 - 'controlpannel/mailadmin.php3?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underlying system ...
Exploit DB: Quick Classifieds 1.0 - 'controlpannel/createFeatured.php3?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks ar ...
Exploit DB: Quick Classifieds 1.0 - 'controlcenter/verify.php3?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possible ...
Exploit DB: Quick Classifieds 1.0 - 'controlpannel/alterFeatured.php3?DOCUMENT_ROOT' Remote File Inclusion
source: wwwsecurityfocuscom/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks are also possi ...

References

CWE-94http://www.securityfocus.com/bid/28417http://www.securityfocus.com/bid/28417/exploithttps://exchange.xforce.ibmcloud.com/vulnerabilities/42469https://nvd.nist.govhttps://www.exploit-db.com/exploits/31495/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651CVE-2024-34255elevation of privilegeCVE-2024-25529CVE-2024-4671NULL pointer dereferenceCVE-2024-25527template injectionCVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook