Multiple SQL injection vulnerabilities in NetClassifieds Premium Edition 1.0.1, Professional Edition 1.5.1, Standard Edition 1.9.6.3, and Free Edition 1.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) CatID parameter in (a) ViewCat.php and (b) gallery.php, and the (2) ItemNum parameter in (c) ViewItem.php.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2005-12-03T19:00:00
Updated: 2024-08-07T23:31:48.908Z
Reserved: 2005-12-03T00:00:00
Link: CVE-2005-3978
Vulnrichment
No data.
NVD
Status : Modified
Published: 2005-12-03T19:03:00.000
Modified: 2024-11-21T00:03:12.287
Link: CVE-2005-3978
Redhat
No data.