Description
Cross-site scripting (XSS) vulnerability in friendmail.php in OpenAutoClassifieds 1.0 allows remote attackers to inject arbitrary web script or HTML via the listing parameter.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by David Sopas Ferreira · textwebappsphp
https://www.exploit-db.com/exploits/23336
References (5)
Core 5
Core References
Exploit, Vendor Advisory vdb-entry
x_refsource_osvdb
http://www.osvdb.org/2767
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/13604
Exploit, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/8972
Exploit, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/10138
Exploit, Vendor Advisory mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/343806
Scores
EPSS
0.0123
EPSS Percentile
79.3%
Details
Status
published
Published
Nov 03, 2003
Tracked Since
Feb 18, 2026