Vulnerabilities > Deltascripts > PHP Classifieds > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-06-30 | CVE-2006-3330 | Input Validation vulnerability in Deltascripts PHP Classifieds 6.04 Cross-site scripting (XSS) vulnerability in AddAsset1.php in PHP/MySQL Classifieds (PHP Classifieds) allows remote attackers to execute arbitrary SQL commands via the (1) ProductName ("Title" field), (2) url, and (3) Description parameters, possibly related to issues in add1.php. network deltascripts | 6.8 |
| 2006-03-30 | CVE-2006-1532 | Cross-Site Scripting vulnerability in Deltascripts PHP Classifieds 6.18/6.20 Cross-site scripting (XSS) vulnerability in search.php in PHP Classifieds 6.18, 6.20, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the searchword parameter. network deltascripts | 4.3 |
| 2002-12-31 | CVE-2002-1702 | Cross-Site Scripting vulnerability in Deltascripts PHP Classifieds 6.0.5 Cross-site scripting vulnerability (XSS) in DeltaScripts PHP Classifieds 6.0.5 allows remote attackers to execute arbitrary script as other users via the URL parameter. network deltascripts | 4.3 |