CVE-2008-1793

Name of the Vulnerable Software and Affected Versions Smart Classified ADS Professional (affected versions not specified) Smart Photo ADS (affected versions not specified) Smart Photo ADS Gold (affected versions not specified)

Description The issue concerns multiple cross-site scripting (XSS) vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the AdNum and Department parameters in the view.cgi component.

Recommendations For Smart Classified ADS Professional, restrict access to the view.cgi component to minimize the risk of exploitation. For Smart Photo ADS, avoid using the AdNum and Department parameters in the view.cgi component until the issue is resolved. For Smart Photo ADS Gold, consider disabling the view.cgi component as a temporary workaround until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.