
Kzar

#37482 of 53,624
7.5 Total CVSS
Vulnerabilities · 1
PT-2006-5943
7.5
2006-10-09
Php · Php Classifieds · CVE-2006-5208
**Name of the Vulnerable Software and Affected Versions**

PHP Classifieds version 7.1

**Description**

The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the `catid search` parameter in `search.php` and the `catid` parameter in `index.php`.

**Recommendations**

For PHP Classifieds version 7.1, consider restricting access to the `search.php` and `index.php` files until a patch is available, and avoid using the `catid search` and `catid` parameters in these files to minimize the risk of exploitation.