Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2017-17591 |
|
Realestate Crowdfunding Script 2.7.2 has SQL Injection via the single-cause.php pid parameter.
Realestate Crowdfunding Script 2.7.2 has SQL Injection via the single-cause.php pid parameter.
|
| CVE-2017-17592 |
|
Website Auction Marketplace 2.0.5 has SQL Injection via the search.php cat_id parameter.
Website Auction Marketplace 2.0.5 has SQL Injection via the search.php cat_id parameter.
|
| CVE-2017-17593 |
|
Unrestricted File Upload in simple-chatting-system-project (CVE-2017-17593)
vulnerability in simple-chatting-system-project (CVE-2017-17593). Data can be tampered with by attackers.
|
| CVE-2017-17594 |
|
DomainSale PHP Script 1.0 has SQL Injection via the domain.php id parameter.
DomainSale PHP Script 1.0 has SQL Injection via the domain.php id parameter.
|
| CVE-2017-17596 |
|
Entrepreneur Job Portal Script 2.0.6 has SQL Injection via the jobsearch_all.php rid1 parameter.
Entrepreneur Job Portal Script 2.0.6 has SQL Injection via the jobsearch_all.php rid1 parameter.
|
| CVE-2017-17597 |
|
Nearbuy Clone Script 3.2 has SQL Injection via the category_list.php search parameter.
Nearbuy Clone Script 3.2 has SQL Injection via the category_list.php search parameter.
|
| CVE-2017-17598 |
|
Affiliate MLM Script 1.0 has SQL Injection via the product-category.php key parameter.
Affiliate MLM Script 1.0 has SQL Injection via the product-category.php key parameter.
|
| CVE-2017-17599 |
|
SQL Injection in sqli (CVE-2017-17599)
SQL injection in sqli (CVE-2017-17599). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17600 |
|
Basic B2B Script 2.0.8 has SQL Injection via the product_details.php id parameter.
Basic B2B Script 2.0.8 has SQL Injection via the product_details.php id parameter.
|
| CVE-2017-17602 |
|
SQL Injection in sqli (CVE-2017-17602)
SQL injection in sqli (CVE-2017-17602). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17603 |
|
SQL Injection in sqli (CVE-2017-17603)
SQL injection in sqli (CVE-2017-17603). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17604 |
|
SQL Injection in sqli (CVE-2017-17604)
SQL injection in sqli (CVE-2017-17604). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17605 |
|
Consumer Complaints Clone Script 1.0 has SQL Injection via the other-user-profile.php id parameter.
Consumer Complaints Clone Script 1.0 has SQL Injection via the other-user-profile.php id parameter.
|
| CVE-2017-17610 |
|
SQL Injection in sqli (CVE-2017-17610)
SQL injection in sqli (CVE-2017-17610). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17567 |
|
SQL Injection in sqli (CVE-2017-17567)
SQL injection in sqli (CVE-2017-17567). Confidential information can be exposed externally.
|
| CVE-2017-17568 |
|
Vulnerability in scubez (CVE-2017-17568)
vulnerability in scubez (CVE-2017-17568). Confidential information can be exposed externally.
|
| CVE-2017-17569 |
|
Scubez Posty Readymade Classifieds has XSS via the admin/user_activate_submit.php ID parameter.
Scubez Posty Readymade Classifieds has XSS via the admin/user_activate_submit.php ID parameter.
|
| CVE-2017-17570 |
|
SQL Injection in sqli (CVE-2017-17570)
SQL injection in sqli (CVE-2017-17570). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17573 |
|
SQL Injection in sqli (CVE-2017-17573)
SQL injection in sqli (CVE-2017-17573). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17574 |
|
FS Care Clone 1.0 has SQL Injection via the searchJob.php jobType or jobFrequency parameter.
FS Care Clone 1.0 has SQL Injection via the searchJob.php jobType or jobFrequency parameter.
|
| CVE-2017-17575 |
|
SQL Injection in sqli (CVE-2017-17575)
SQL injection in sqli (CVE-2017-17575). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17576 |
|
SQL Injection in sqli (CVE-2017-17576)
SQL injection in sqli (CVE-2017-17576). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17577 |
|
SQL Injection in sqli (CVE-2017-17577)
SQL injection in sqli (CVE-2017-17577). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17578 |
|
FS Crowdfunding Script 1.0 has SQL Injection via the latest_news_details.php id parameter.
FS Crowdfunding Script 1.0 has SQL Injection via the latest_news_details.php id parameter.
|
| CVE-2017-17579 |
|
FS Freelancer Clone 1.0 has SQL Injection via the profile.php u parameter.
FS Freelancer Clone 1.0 has SQL Injection via the profile.php u parameter.
|
| CVE-2017-17580 |
|
SQL Injection in sqli (CVE-2017-17580)
SQL injection in sqli (CVE-2017-17580). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17581 |
|
FS Quibids Clone 1.0 has SQL Injection via the itechd.php productid parameter.
FS Quibids Clone 1.0 has SQL Injection via the itechd.php productid parameter.
|
| CVE-2017-17584 |
|
SQL Injection in sqli (CVE-2017-17584)
SQL injection in sqli (CVE-2017-17584). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17585 |
|
FS Monster Clone 1.0 has SQL Injection via the Employer_Details.php id parameter.
FS Monster Clone 1.0 has SQL Injection via the Employer_Details.php id parameter.
|
| CVE-2017-17560 |
|
Authentication Bypass in westerndigital (CVE-2017-17560)
authentication bypass in westerndigital (CVE-2017-17560). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17561 |
|
Vulnerability in seacms-project (CVE-2017-17561)
vulnerability in seacms-project (CVE-2017-17561). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17110 |
|
SQL Injection in techno-portfolio-management-panel-project (CVE-2017-17110)
SQL injection in techno-portfolio-management-panel-project (CVE-2017-17110). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17111 |
|
SQL Injection in scubez (CVE-2017-17111)
SQL injection in scubez (CVE-2017-17111). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17055 |
|
OS Command Injection in articatech (CVE-2017-17055)
OS command injection in articatech (CVE-2017-17055). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17451 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-17451)
cross-site scripting in wordpress (CVE-2017-17451). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-12079 |
|
Vulnerability in synology (CVE-2017-12079)
vulnerability in synology (CVE-2017-12079). Confidential information can be exposed externally.
|
| CVE-2017-17102 |
|
Fiyo CMS 2.0.7 has SQL injection in /system/site.php via $_REQUEST['link'].
Fiyo CMS 2.0.7 has SQL injection in /system/site.php via $_REQUEST['link'].
|
| CVE-2017-17103 |
|
SQL Injection in sqli (CVE-2017-17103)
SQL injection in sqli (CVE-2017-17103). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17104 |
|
Information Disclosure in fiyo (CVE-2017-17104)
vulnerability in fiyo (CVE-2017-17104). Confidential information can be exposed externally.
|
| CVE-2017-17091 |
|
Vulnerability in wordpress (CVE-2017-17091)
vulnerability in wordpress (CVE-2017-17091). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17092 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-17092)
cross-site scripting in wordpress (CVE-2017-17092). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-17093 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-17093)
cross-site scripting in wordpress (CVE-2017-17093). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-17094 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-17094)
cross-site scripting in wordpress (CVE-2017-17094). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-16893 |
|
SQL Injection in sqli (CVE-2017-16893)
SQL injection in sqli (CVE-2017-16893). Confidential information can be exposed externally.
|
| CVE-2017-17059 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-17059)
cross-site scripting in wordpress (CVE-2017-17059). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-17043 |
|
Cross-Site Scripting (XSS) in wordpress (CVE-2017-17043)
cross-site scripting in wordpress (CVE-2017-17043). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-15673 |
|
Unrestricted File Upload in cs-cart (CVE-2017-15673)
vulnerability in cs-cart (CVE-2017-15673). Successful exploitation can lead to full system takeover.
|
| CVE-2017-15052 |
|
Privilege Escalation in teampass (CVE-2017-15052)
vulnerability in teampass (CVE-2017-15052). Data can be tampered with by attackers.
|
| CVE-2017-15053 |
|
Privilege Escalation in teampass (CVE-2017-15053)
vulnerability in teampass (CVE-2017-15053). Data can be tampered with by attackers.
|
| CVE-2017-15054 |
|
Unrestricted File Upload in teampass (CVE-2017-15054)
vulnerability in teampass (CVE-2017-15054). Successful exploitation can lead to full system takeover.
|