CVE-2017-17111

Posty Readymade Classifieds Script 1.0 allows an attacker to inject SQL commands via a listings.php?catid= or ads-details.php?ID= request. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt