VYPR

Dclassifieds

by Dclassifieds

CVEs (3)

  • CVE-2012-0990Feb 7, 2012
    risk 0.03cvss epss 0.01

    Cross-site request forgery (CSRF) vulnerability in admin/settings/update in DClassifieds 0.1 final allows remote attackers to hijack the authentication of administrators for requests that modify account settings such as the administrator password or email via certain Settings[]…

  • CVE-2005-3978Dec 3, 2005
    risk 0.03cvss epss 0.03

    Multiple SQL injection vulnerabilities in NetClassifieds Premium Edition 1.0.1, Professional Edition 1.5.1, Standard Edition 1.9.6.3, and Free Edition 1.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) CatID parameter in (a) ViewCat.php and (b)…

  • CVE-2007-3356Jun 22, 2007
    risk 0.00cvss epss 0.02

    NetClassifieds Premium Edition allows remote attackers to obtain sensitive information via certain requests that reveal the path in an error message, related to the display_errors setting in (1) Common.php and (2) imageresizer.php, and (3) the use of __FILE__ in error reporting…