Vulnerabilities > CVE-2007-3354 - Input Validation vulnerability in Scriptdevelopers.Net Netclassifieds 1.0.1/1.5.1/1.9.6.3
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple SQL injection vulnerabilities in NetClassifieds Premium Edition allow remote attackers to execute arbitrary SQL commands via the s_user_id parameter to ViewCat.php and other unspecified vectors. NOTE: the CatID/ViewCat.php, CatID/gallery.php, and ItemNum/ViewItem.php vectors are already covered by CVE-2005-3978.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 4 |
Exploit-Db
| description | NetClassifieds 1.9.7 Multiple Input Validation Vulnerabilities. CVE-2007-3354. Webapps exploit for php platform |
| id | EDB-ID:30223 |
| last seen | 2016-02-03 |
| modified | 2007-06-21 |
| published | 2007-06-21 |
| reporter | laurent gaffie |
| source | https://www.exploit-db.com/download/30223/ |
| title | NetClassifieds <= 1.9.7 - Multiple Input Validation Vulnerabilities |