Noahs Classifieds

noahs_classifieds

CVEs (10)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2006-5293 1Phpoutsourcing 1Noahs Classifieds Apr 23, 2026 Oct 16, 2006 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in index.php in PhpOutsourcing Noah's Classifieds 1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the frommethod parameter.
CVE-2006-1332 1Phpoutsourcing 1Noahs Classifieds Apr 16, 2026 Mar 21, 2006 N/A· v4 N/A· v3 6.4 MEDIUM· v2 Noah's Classifieds 1.3 and earlier allows remote attackers to obtain sensitive information via an invalid list parameter in the showdetails method to index.php, which reveals the path in an error message.
CVE-2006-1331 1Phpoutsourcing 1Noahs Classifieds Apr 16, 2026 Mar 21, 2006 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Multiple cross-site scripting (XSS) vulnerabilities in index.php in Noah's Classifieds 1.3 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) method or (2) list parameter.
CVE-2006-0882 1Phpoutsourcing 1Noahs Classifieds Apr 16, 2026 Feb 24, 2006 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Directory traversal vulnerability in include.php in Noah's Classifieds 1.3 allows remote attackers to include arbitrary local files via the otherTemplate parameter to index.php.
CVE-2006-0881 1Phpoutsourcing 1Noahs Classifieds Apr 16, 2026 Feb 24, 2006 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple PHP remote file include vulnerabilities in gorum/gorumlib.php in Noah's Classifieds 1.3, when register_globals is enabled, allow remote attackers to include arbitrary PHP files via the (1) upperTemplate and (2)...Show more Multiple PHP remote file include vulnerabilities in gorum/gorumlib.php in Noah's Classifieds 1.3, when register_globals is enabled, allow remote attackers to include arbitrary PHP files via the (1) upperTemplate and (2) lowerTemplate parameters, as demonstrated using the lowerTemplate parameter to index.php.Show less
CVE-2006-0880 1Phpoutsourcing 1Noahs Classifieds Apr 16, 2026 Feb 24, 2006 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Multiple cross-site scripting (XSS) vulnerabilities in index.php in Noah's Classifieds 1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) inf parameter; or, when register_globals is enabled, th...Show more Multiple cross-site scripting (XSS) vulnerabilities in index.php in Noah's Classifieds 1.3 allow remote attackers to inject arbitrary web script or HTML via the (1) inf parameter; or, when register_globals is enabled, the (2) upperTemplate and (3) lowerTemplate parameters.Show less
CVE-2006-0879 1Phpoutsourcing 1Noahs Classifieds Apr 16, 2026 Feb 24, 2006 N/A· v4 N/A· v3 7.5 HIGH· v2 SQL injection vulnerability in the search tool in Noah's Classifieds 1.3 allows remote attackers to execute arbitrary SQL commands via unspecified attack vectors.
CVE-2006-0878 1Phpoutsourcing 1Noahs Classifieds Apr 16, 2026 Feb 24, 2006 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Noah's Classifieds 1.3 allows remote attackers to obtain the installation path via a direct request to include files, as demonstrated by classifieds/gorum/category.php.
CVE-2005-2980 1Phpoutsourcing 1Noahs Classifieds Apr 16, 2026 Sep 20, 2005 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Cross-site scripting (XSS) vulnerability in index.php in phpoutsourcing Noah's classifieds 1.3 allows remote attackers to inject arbitrary web script or HTML via the rollid parameter.
CVE-2005-2979 1Phpoutsourcing 1Noahs Classifieds Apr 16, 2026 Sep 20, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 SQL injection vulnerability in index.php in phpoutsourcing Noah's classifieds allows remote attackers to execute arbitrary SQL commands via the rollid parameter.