CVE-2017-20136 Information

Description

A vulnerability classified as critical has been found in Itech Classifieds Script 7.27. Affected is an unknown function of the file /subpage.php. The manipulation of the argument scat with the input =51’ AND 4941=4941 AND ‘hoCP’=‘hoCP leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Reference

https://www.exploit-db.com/exploits/41189/ https://vuldb.com/?id.96282