Xzero Scripts Xzero Community Classifieds vulnerabilities
3 known vulnerabilities affecting xzero_scripts/xzero_community_classifieds.
Total CVEs
3
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2007-6568P3HIGHCVSS 7.5PoC≤ 4.95.112007-12-28
CVE-2007-6568 [HIGH] CWE-94 CVE-2007-6568: PHP remote file inclusion vulnerability in config.inc.php in XZero Community Classifieds 4.95.11 and
PHP remote file inclusion vulnerability in config.inc.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path_escape parameter.
nvd
CVE-2007-6566P3HIGHCVSS 7.5PoCv4.95.112007-12-28
CVE-2007-6566 [HIGH] CWE-89 CVE-2007-6566: SQL injection vulnerability in post.php in XZero Community Classifieds 4.95.11 and earlier allows re
SQL injection vulnerability in post.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to execute arbitrary SQL commands via the subcatid parameter to index.php.
nvd
CVE-2007-6567P3MEDIUMCVSS 6.4PoC≤ 4.95.112007-12-28
CVE-2007-6567 [MEDIUM] CWE-22 CVE-2007-6567: Directory traversal vulnerability in index.php in XZero Community Classifieds 4.95.11 and earlier al
Directory traversal vulnerability in index.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pagename parameter in a page view action.
nvd