SQL injection vulnerability in classified.php in phpBazar 2.1.1fix and previous versions allows remote malicious users to execute arbitrary SQL commands via the catid parameter, a different vector than CVE-2008-3767.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
smartisoft phpbazar 2.0.2 |
||
smartisoft phpbazar |
||
smartisoft phpbazar 2.1.1 |
||
smartisoft phpbazar 2.1.0 |