CVEs (3)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Xzero Scripts 1Xzero Community Classifieds Apr 23, 2026 Dec 28, 2007 N/A· v4 N/A· v3 7.5 HIGH· v2 PHP remote file inclusion vulnerability in config.inc.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the path_escape parameter. |
1Xzero Scripts 1Xzero Community Classifieds Apr 23, 2026 Dec 28, 2007 N/A· v4 N/A· v3 6.4 MEDIUM· v2 Directory traversal vulnerability in index.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the pagename parameter in a pag...Show more |
1Xzero Scripts 1Xzero Community Classifieds Apr 23, 2026 Dec 28, 2007 N/A· v4 N/A· v3 7.5 HIGH· v2 SQL injection vulnerability in post.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to execute arbitrary SQL commands via the subcatid parameter to index.php. |