Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: cwe-89 Clear
ID Title
CVE-2017-17731 DedeCMS through 5.7 has SQL Injection via the $_FILES superglobal to plus/recommend.php.
DedeCMS through 5.7 has SQL Injection via the $_FILES superglobal to plus/recommend.php.
CVE-2017-17713 SQL Injection in sqli (CVE-2017-17713)
SQL injection in sqli (CVE-2017-17713). Successful exploitation can lead to full system takeover. Exploitable via `User-Agent header`.
CVE-2017-17695 SQL Injection in sqli (CVE-2017-17695)
SQL injection in sqli (CVE-2017-17695). Successful exploitation can lead to full system takeover.
CVE-2017-5663 SQL Injection in apache (CVE-2017-5663)
SQL injection in apache (CVE-2017-5663). Successful exploitation can lead to full system takeover.
CVE-2017-17648 SQL Injection in sqli (CVE-2017-17648)
SQL injection in sqli (CVE-2017-17648). Successful exploitation can lead to full system takeover.
CVE-2017-17638 Groupon Clone Script 3.01 has SQL Injection via the city_ajax.php state_id parameter.
Groupon Clone Script 3.01 has SQL Injection via the city_ajax.php state_id parameter.
CVE-2017-17639 Muslim Matrimonial Script 3.02 has SQL Injection via the success-story.php succid parameter.
Muslim Matrimonial Script 3.02 has SQL Injection via the success-story.php succid parameter.
CVE-2017-17640 SQL Injection in sqli (CVE-2017-17640)
SQL injection in sqli (CVE-2017-17640). Successful exploitation can lead to full system takeover.
CVE-2017-17641 Resume Clone Script 2.0.5 has SQL Injection via the preview.php id parameter.
Resume Clone Script 2.0.5 has SQL Injection via the preview.php id parameter.
CVE-2017-17642 Basic Job Site Script 2.0.5 has SQL Injection via the keyword parameter to /job.
Basic Job Site Script 2.0.5 has SQL Injection via the keyword parameter to /job.
CVE-2017-17612 Hot Scripts Clone 3.1 has SQL Injection via the /categories subctid or mctid parameter.
Hot Scripts Clone 3.1 has SQL Injection via the /categories subctid or mctid parameter.
CVE-2017-17613 SQL Injection in sqli (CVE-2017-17613)
SQL injection in sqli (CVE-2017-17613). Successful exploitation can lead to full system takeover.
CVE-2017-17614 Food Order Script 1.0 has SQL Injection via the /list city parameter.
Food Order Script 1.0 has SQL Injection via the /list city parameter.
CVE-2017-17615 Facebook Clone Script 1.0 has SQL Injection via the friend-profile.php id parameter.
Facebook Clone Script 1.0 has SQL Injection via the friend-profile.php id parameter.
CVE-2017-17616 Event Search Script 1.0 has SQL Injection via the /event-list city parameter.
Event Search Script 1.0 has SQL Injection via the /event-list city parameter.
CVE-2017-17617 Foodspotting Clone Script 1.0 has SQL Injection via the quicksearch.php q parameter.
Foodspotting Clone Script 1.0 has SQL Injection via the quicksearch.php q parameter.
CVE-2017-17618 Kickstarter Clone Script 2.0 has SQL Injection via the investcalc.php projid parameter.
Kickstarter Clone Script 2.0 has SQL Injection via the investcalc.php projid parameter.
CVE-2017-17619 Laundry Booking Script 1.0 has SQL Injection via the /list city parameter.
Laundry Booking Script 1.0 has SQL Injection via the /list city parameter.
CVE-2017-17620 Lawyer Search Script 1.1 has SQL Injection via the /lawyer-list city parameter.
Lawyer Search Script 1.1 has SQL Injection via the /lawyer-list city parameter.
CVE-2017-17621 Multivendor Penny Auction Clone Script 1.0 has SQL Injection via the PATH_INFO to the /detail URI.
Multivendor Penny Auction Clone Script 1.0 has SQL Injection via the PATH_INFO to the /detail URI.
CVE-2017-17622 Online Exam Test Application Script 1.6 has SQL Injection via the exams.php sort parameter.
Online Exam Test Application Script 1.6 has SQL Injection via the exams.php sort parameter.
CVE-2017-17623 SQL Injection in sqli (CVE-2017-17623)
SQL injection in sqli (CVE-2017-17623). Successful exploitation can lead to full system takeover.
CVE-2017-17624 SQL Injection in sqli (CVE-2017-17624)
SQL injection in sqli (CVE-2017-17624). Successful exploitation can lead to full system takeover.
CVE-2017-17625 Professional Service Script 1.0 has SQL Injection via the service-list city parameter.
Professional Service Script 1.0 has SQL Injection via the service-list city parameter.
CVE-2017-17626 SQL Injection in sqli (CVE-2017-17626)
SQL injection in sqli (CVE-2017-17626). Successful exploitation can lead to full system takeover.
CVE-2017-17627 SQL Injection in sqli (CVE-2017-17627)
SQL injection in sqli (CVE-2017-17627). Successful exploitation can lead to full system takeover.
CVE-2017-17628 Responsive Realestate Script 3.2 has SQL Injection via the property-list tbud parameter.
Responsive Realestate Script 3.2 has SQL Injection via the property-list tbud parameter.
CVE-2017-17629 SQL Injection in sqli (CVE-2017-17629)
SQL injection in sqli (CVE-2017-17629). Successful exploitation can lead to full system takeover.
CVE-2017-17630 Yoga Class Script 1.0 has SQL Injection via the /list city parameter.
Yoga Class Script 1.0 has SQL Injection via the /list city parameter.
CVE-2017-17631 SQL Injection in sqli (CVE-2017-17631)
SQL injection in sqli (CVE-2017-17631). Successful exploitation can lead to full system takeover.
CVE-2017-17632 SQL Injection in sqli (CVE-2017-17632)
SQL injection in sqli (CVE-2017-17632). Successful exploitation can lead to full system takeover.
CVE-2017-17633 SQL Injection in sqli (CVE-2017-17633)
SQL injection in sqli (CVE-2017-17633). Successful exploitation can lead to full system takeover.
CVE-2017-17634 Single Theater Booking Script 3.2.1 has SQL Injection via the findcity.php q parameter.
Single Theater Booking Script 3.2.1 has SQL Injection via the findcity.php q parameter.
CVE-2017-17635 SQL Injection in sqli (CVE-2017-17635)
SQL injection in sqli (CVE-2017-17635). Successful exploitation can lead to full system takeover.
CVE-2017-17636 MLM Forced Matrix 2.0.9 has SQL Injection via the news-detail.php newid parameter.
MLM Forced Matrix 2.0.9 has SQL Injection via the news-detail.php newid parameter.
CVE-2017-17637 Car Rental Script 2.0.4 has SQL Injection via the countrycode1.php val parameter.
Car Rental Script 2.0.4 has SQL Injection via the countrycode1.php val parameter.
CVE-2017-17586 SQL Injection in sqli (CVE-2017-17586)
SQL injection in sqli (CVE-2017-17586). Successful exploitation can lead to full system takeover.
CVE-2017-17587 SQL Injection in c (CVE-2017-17587)
SQL injection in c (CVE-2017-17587). Successful exploitation can lead to full system takeover.
CVE-2017-17588 SQL Injection in sqli (CVE-2017-17588)
SQL injection in sqli (CVE-2017-17588). Successful exploitation can lead to full system takeover.
CVE-2017-17589 SQL Injection in sqli (CVE-2017-17589)
SQL injection in sqli (CVE-2017-17589). Successful exploitation can lead to full system takeover.
CVE-2017-17590 FS Stackoverflow Clone 1.0 has SQL Injection via the /question keywords parameter.
FS Stackoverflow Clone 1.0 has SQL Injection via the /question keywords parameter.
CVE-2017-17591 Realestate Crowdfunding Script 2.7.2 has SQL Injection via the single-cause.php pid parameter.
Realestate Crowdfunding Script 2.7.2 has SQL Injection via the single-cause.php pid parameter.
CVE-2017-17592 Website Auction Marketplace 2.0.5 has SQL Injection via the search.php cat_id parameter.
Website Auction Marketplace 2.0.5 has SQL Injection via the search.php cat_id parameter.
CVE-2017-17594 DomainSale PHP Script 1.0 has SQL Injection via the domain.php id parameter.
DomainSale PHP Script 1.0 has SQL Injection via the domain.php id parameter.
CVE-2017-17595 Beauty Parlour Booking Script 1.0 has SQL Injection via the /list gender or city parameter.
Beauty Parlour Booking Script 1.0 has SQL Injection via the /list gender or city parameter.
CVE-2017-17596 Entrepreneur Job Portal Script 2.0.6 has SQL Injection via the jobsearch_all.php rid1 parameter.
Entrepreneur Job Portal Script 2.0.6 has SQL Injection via the jobsearch_all.php rid1 parameter.
CVE-2017-17597 Nearbuy Clone Script 3.2 has SQL Injection via the category_list.php search parameter.
Nearbuy Clone Script 3.2 has SQL Injection via the category_list.php search parameter.
CVE-2017-17598 Affiliate MLM Script 1.0 has SQL Injection via the product-category.php key parameter.
Affiliate MLM Script 1.0 has SQL Injection via the product-category.php key parameter.
CVE-2017-17599 SQL Injection in sqli (CVE-2017-17599)
SQL injection in sqli (CVE-2017-17599). Successful exploitation can lead to full system takeover.
CVE-2017-17600 Basic B2B Script 2.0.8 has SQL Injection via the product_details.php id parameter.
Basic B2B Script 2.0.8 has SQL Injection via the product_details.php id parameter.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →