CVE-2007-6566
XZero Community Classifieds <4.95.11 - SQL Injection
Title source: llmDescription
SQL injection vulnerability in post.php in XZero Community Classifieds 4.95.11 and earlier allows remote attackers to execute arbitrary SQL commands via the subcatid parameter to index.php.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Kw3[R]Ln · perlwebappsphp
https://www.exploit-db.com/exploits/4794
References (7)
Scores
EPSS
0.0118
EPSS Percentile
78.8%
Details
CWE
CWE-89
Status
published
Products (1)
xzero_scripts/xzero_community_classifieds
4.95.11
Published
Dec 28, 2007
Tracked Since
Feb 18, 2026