cpe:/a:smartisoft:phpbazar:2.0.2 cpe:/a:smartisoft:phpbazar:2.1.0 cpe:/a:smartisoft:phpbazar:2.1.1 cpe:/a:smartisoft:phpbazar:2.1.1fix CVE-2009-4221 2009-12-07T12:30:00.453-05:00 2017-08-16T21:31:29.537-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-12-08T09:53:00.000-05:00 EXPLOIT-DB 10245 BID 37144 MISC http://packetstormsecurity.org/0911-exploits/phpbazar211fix-sql.txt XF phpbazar-cid-sql-injection(54447) SQL injection vulnerability in classified.php in phpBazar 2.1.1fix and earlier allows remote attackers to execute arbitrary SQL commands via the catid parameter, a different vector than CVE-2008-3767.