Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Tag: php Clear
ID Title
CVE-2017-17591 Realestate Crowdfunding Script 2.7.2 has SQL Injection via the single-cause.php pid parameter.
Realestate Crowdfunding Script 2.7.2 has SQL Injection via the single-cause.php pid parameter.
CVE-2017-17592 Website Auction Marketplace 2.0.5 has SQL Injection via the search.php cat_id parameter.
Website Auction Marketplace 2.0.5 has SQL Injection via the search.php cat_id parameter.
CVE-2017-17593 Unrestricted File Upload in simple-chatting-system-project (CVE-2017-17593)
vulnerability in simple-chatting-system-project (CVE-2017-17593). Data can be tampered with by attackers.
CVE-2017-17594 DomainSale PHP Script 1.0 has SQL Injection via the domain.php id parameter.
DomainSale PHP Script 1.0 has SQL Injection via the domain.php id parameter.
CVE-2017-17596 Entrepreneur Job Portal Script 2.0.6 has SQL Injection via the jobsearch_all.php rid1 parameter.
Entrepreneur Job Portal Script 2.0.6 has SQL Injection via the jobsearch_all.php rid1 parameter.
CVE-2017-17597 Nearbuy Clone Script 3.2 has SQL Injection via the category_list.php search parameter.
Nearbuy Clone Script 3.2 has SQL Injection via the category_list.php search parameter.
CVE-2017-17598 Affiliate MLM Script 1.0 has SQL Injection via the product-category.php key parameter.
Affiliate MLM Script 1.0 has SQL Injection via the product-category.php key parameter.
CVE-2017-17599 SQL Injection in sqli (CVE-2017-17599)
SQL injection in sqli (CVE-2017-17599). Successful exploitation can lead to full system takeover.
CVE-2017-17600 Basic B2B Script 2.0.8 has SQL Injection via the product_details.php id parameter.
Basic B2B Script 2.0.8 has SQL Injection via the product_details.php id parameter.
CVE-2017-17602 SQL Injection in sqli (CVE-2017-17602)
SQL injection in sqli (CVE-2017-17602). Successful exploitation can lead to full system takeover.
CVE-2017-17603 SQL Injection in sqli (CVE-2017-17603)
SQL injection in sqli (CVE-2017-17603). Successful exploitation can lead to full system takeover.
CVE-2017-17604 SQL Injection in sqli (CVE-2017-17604)
SQL injection in sqli (CVE-2017-17604). Successful exploitation can lead to full system takeover.
CVE-2017-17605 Consumer Complaints Clone Script 1.0 has SQL Injection via the other-user-profile.php id parameter.
Consumer Complaints Clone Script 1.0 has SQL Injection via the other-user-profile.php id parameter.
CVE-2017-17610 SQL Injection in sqli (CVE-2017-17610)
SQL injection in sqli (CVE-2017-17610). Successful exploitation can lead to full system takeover.
CVE-2017-17567 SQL Injection in sqli (CVE-2017-17567)
SQL injection in sqli (CVE-2017-17567). Confidential information can be exposed externally.
CVE-2017-17568 Vulnerability in scubez (CVE-2017-17568)
vulnerability in scubez (CVE-2017-17568). Confidential information can be exposed externally.
CVE-2017-17569 Scubez Posty Readymade Classifieds has XSS via the admin/user_activate_submit.php ID parameter.
Scubez Posty Readymade Classifieds has XSS via the admin/user_activate_submit.php ID parameter.
CVE-2017-17570 SQL Injection in sqli (CVE-2017-17570)
SQL injection in sqli (CVE-2017-17570). Successful exploitation can lead to full system takeover.
CVE-2017-17573 SQL Injection in sqli (CVE-2017-17573)
SQL injection in sqli (CVE-2017-17573). Successful exploitation can lead to full system takeover.
CVE-2017-17574 FS Care Clone 1.0 has SQL Injection via the searchJob.php jobType or jobFrequency parameter.
FS Care Clone 1.0 has SQL Injection via the searchJob.php jobType or jobFrequency parameter.
CVE-2017-17575 SQL Injection in sqli (CVE-2017-17575)
SQL injection in sqli (CVE-2017-17575). Successful exploitation can lead to full system takeover.
CVE-2017-17576 SQL Injection in sqli (CVE-2017-17576)
SQL injection in sqli (CVE-2017-17576). Successful exploitation can lead to full system takeover.
CVE-2017-17577 SQL Injection in sqli (CVE-2017-17577)
SQL injection in sqli (CVE-2017-17577). Successful exploitation can lead to full system takeover.
CVE-2017-17578 FS Crowdfunding Script 1.0 has SQL Injection via the latest_news_details.php id parameter.
FS Crowdfunding Script 1.0 has SQL Injection via the latest_news_details.php id parameter.
CVE-2017-17579 FS Freelancer Clone 1.0 has SQL Injection via the profile.php u parameter.
FS Freelancer Clone 1.0 has SQL Injection via the profile.php u parameter.
CVE-2017-17580 SQL Injection in sqli (CVE-2017-17580)
SQL injection in sqli (CVE-2017-17580). Successful exploitation can lead to full system takeover.
CVE-2017-17581 FS Quibids Clone 1.0 has SQL Injection via the itechd.php productid parameter.
FS Quibids Clone 1.0 has SQL Injection via the itechd.php productid parameter.
CVE-2017-17584 SQL Injection in sqli (CVE-2017-17584)
SQL injection in sqli (CVE-2017-17584). Successful exploitation can lead to full system takeover.
CVE-2017-17585 FS Monster Clone 1.0 has SQL Injection via the Employer_Details.php id parameter.
FS Monster Clone 1.0 has SQL Injection via the Employer_Details.php id parameter.
CVE-2017-17560 Authentication Bypass in westerndigital (CVE-2017-17560)
authentication bypass in westerndigital (CVE-2017-17560). Successful exploitation can lead to full system takeover.
CVE-2017-17561 Vulnerability in seacms-project (CVE-2017-17561)
vulnerability in seacms-project (CVE-2017-17561). Successful exploitation can lead to full system takeover.
CVE-2017-17110 SQL Injection in techno-portfolio-management-panel-project (CVE-2017-17110)
SQL injection in techno-portfolio-management-panel-project (CVE-2017-17110). Successful exploitation can lead to full system takeover.
CVE-2017-17111 SQL Injection in scubez (CVE-2017-17111)
SQL injection in scubez (CVE-2017-17111). Successful exploitation can lead to full system takeover.
CVE-2017-17055 OS Command Injection in articatech (CVE-2017-17055)
OS command injection in articatech (CVE-2017-17055). Successful exploitation can lead to full system takeover.
CVE-2017-17451 Cross-Site Scripting (XSS) in wordpress (CVE-2017-17451)
cross-site scripting in wordpress (CVE-2017-17451). Risk of unauthorized operations or information disclosure.
CVE-2017-12079 Vulnerability in synology (CVE-2017-12079)
vulnerability in synology (CVE-2017-12079). Confidential information can be exposed externally.
CVE-2017-17102 Fiyo CMS 2.0.7 has SQL injection in /system/site.php via $_REQUEST['link'].
Fiyo CMS 2.0.7 has SQL injection in /system/site.php via $_REQUEST['link'].
CVE-2017-17103 SQL Injection in sqli (CVE-2017-17103)
SQL injection in sqli (CVE-2017-17103). Successful exploitation can lead to full system takeover.
CVE-2017-17104 Information Disclosure in fiyo (CVE-2017-17104)
vulnerability in fiyo (CVE-2017-17104). Confidential information can be exposed externally.
CVE-2017-17091 Vulnerability in wordpress (CVE-2017-17091)
vulnerability in wordpress (CVE-2017-17091). Successful exploitation can lead to full system takeover.
CVE-2017-17092 Cross-Site Scripting (XSS) in wordpress (CVE-2017-17092)
cross-site scripting in wordpress (CVE-2017-17092). Risk of unauthorized operations or information disclosure.
CVE-2017-17093 Cross-Site Scripting (XSS) in wordpress (CVE-2017-17093)
cross-site scripting in wordpress (CVE-2017-17093). Risk of unauthorized operations or information disclosure.
CVE-2017-17094 Cross-Site Scripting (XSS) in wordpress (CVE-2017-17094)
cross-site scripting in wordpress (CVE-2017-17094). Risk of unauthorized operations or information disclosure.
CVE-2017-16893 SQL Injection in sqli (CVE-2017-16893)
SQL injection in sqli (CVE-2017-16893). Confidential information can be exposed externally.
CVE-2017-17059 Cross-Site Scripting (XSS) in wordpress (CVE-2017-17059)
cross-site scripting in wordpress (CVE-2017-17059). Risk of unauthorized operations or information disclosure.
CVE-2017-17043 Cross-Site Scripting (XSS) in wordpress (CVE-2017-17043)
cross-site scripting in wordpress (CVE-2017-17043). Risk of unauthorized operations or information disclosure.
CVE-2017-15673 Unrestricted File Upload in cs-cart (CVE-2017-15673)
vulnerability in cs-cart (CVE-2017-15673). Successful exploitation can lead to full system takeover.
CVE-2017-15052 Privilege Escalation in teampass (CVE-2017-15052)
vulnerability in teampass (CVE-2017-15052). Data can be tampered with by attackers.
CVE-2017-15053 Privilege Escalation in teampass (CVE-2017-15053)
vulnerability in teampass (CVE-2017-15053). Data can be tampered with by attackers.
CVE-2017-15054 Unrestricted File Upload in teampass (CVE-2017-15054)
vulnerability in teampass (CVE-2017-15054). Successful exploitation can lead to full system takeover.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →