Multiple SQL injection vulnerabilities in PHP Classifieds Script allow remote attackers to execute arbitrary SQL commands via the fatherID parameter to (1) browse.php and (2) search.php.Referenceshttp://www.securityfocus.com/bid/29169http://secunia.com/advisories/30209https://exchange.xforce.ibmcloud.com/vulnerabilities/42380https://www.exploit-db.com/exploits/5599
