Almondsoft Com Aclassf vulnerabilities
2 known vulnerabilities affecting almondsoft/com_aclassf.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2009-3154P3HIGHCVSS 7.5PoCv7.52009-09-10
CVE-2009-3154 [HIGH] CVE-2009-3154: SQL injection vulnerability in the Almond Classifieds (com_aclassf) component 7.5 for Joomla! allows
SQL injection vulnerability in the Almond Classifieds (com_aclassf) component 7.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the replid parameter in a manw_repl add_form action to index.php, a different vector than CVE-2009-2567.
nvd
CVE-2009-3155P4MEDIUMCVSS 4.3PoCv7.52009-09-10
CVE-2009-3155 [MEDIUM] CWE-79 CVE-2009-3155: Cross-site scripting (XSS) vulnerability in gmap.php in the Almond Classifieds (com_aclassf) compone
Cross-site scripting (XSS) vulnerability in gmap.php in the Almond Classifieds (com_aclassf) component 7.5 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the addr parameter.
nvd