VULHUB ™

MyClassifieds SQL Versions below 2.13 are vulnerable to a SQL injection attack. The problem is due to improper sanitization of user input for the email variable. A remote attacker could insert arbitrary SQL code in the email variable. The passwords of the users can be written into a file and made world readable.

MyClassifieds SQL Versions below 2.13 are vulnerable to a SQL injection attack. The problem is due to improper sanitization of user input for the email variable. A remote attacker could insert arbitrary SQL code in the email variable. The passwords of the users can be written into a file and made world readable.