2017-12-11 17:00:00
mitre
PUBLISHED
Posty Readymade Classifieds Script 1.0 allows an attacker to inject SQL commands via a listings.php?catid= or ads-details.php?ID= request.