CVE-2008-2453 - Nonagon Terror
Description
Multiple SQL injection vulnerabilities in PHP Classifieds Script allow remote attackers to execute arbitrary SQL commands via the fatherID parameter to (1) browse.php and (2) search.php.
Reference
http://www.securityfocus.com/bid/29169 http://secunia.com/advisories/30209 https://exchange.xforce.ibmcloud.com/vulnerabilities/42380 https://www.exploit-db.com/exploits/5599