Skip to main content
CVE-2017-17625 CRITICAL POC Act Now

Professional Service Script 1.0 has SQL Injection via the service-list city parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi On Demand Marketplace Script
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
2.4%
CVE-2017-17589 CRITICAL POC Act Now

FS Thumbtack Clone 1.0 has SQL Injection via the browse-category.php cat parameter or the browse-scategory.php sc parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Thumbtack Clone
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
2.4%
CVE-2017-17588 CRITICAL POC Act Now

FS IMDB Clone 1.0 has SQL Injection via the movie.php f parameter, tvshow.php s parameter, or show_misc_video.php id parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Imdb Clone
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
2.4%
CVE-2017-17587 CRITICAL POC Act Now

FS Indiamart Clone 1.0 has SQL Injection via the catcompany.php token parameter, buyleads-details.php id parameter, or company/index.php c parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Indiamart Clone
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
2.4%
CVE-2017-17586 CRITICAL POC Act Now

FS Olx Clone 1.0 has SQL Injection via the subpage.php scat parameter or the message.php pid parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Olx Clone
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
2.4%
CVE-2017-17585 CRITICAL POC Act Now

FS Monster Clone 1.0 has SQL Injection via the Employer_Details.php id parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Monster Clone
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
2.4%
CVE-2017-17584 CRITICAL POC Act Now

FS Makemytrip Clone 1.0 has SQL Injection via the show-flight-result.php fl_orig or fl_dest parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Makemytrip Clone
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
2.4%
CVE-2017-17583 CRITICAL POC Act Now

FS Shutterstock Clone 1.0 has SQL Injection via the /Category keywords parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Shutterstock Clone
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
2.4%
CVE-2017-17582 CRITICAL POC Act Now

FS Grubhub Clone 1.0 has SQL Injection via the /food keywords parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Grubhub Clone
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
2.4%
CVE-2017-17581 CRITICAL POC Act Now

FS Quibids Clone 1.0 has SQL Injection via the itechd.php productid parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Quibids Clone
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
2.4%
CVE-2017-17580 CRITICAL POC Act Now

FS Linkedin Clone 1.0 has SQL Injection via the group.php grid parameter, profile.php fid parameter, or company_details.php id parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Linkedin Clone
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
2.4%
CVE-2017-17579 CRITICAL POC Act Now

FS Freelancer Clone 1.0 has SQL Injection via the profile.php u parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Freelancer Clone
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
2.4%
CVE-2017-17578 CRITICAL POC Act Now

FS Crowdfunding Script 1.0 has SQL Injection via the latest_news_details.php id parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Crowdfunding Script
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
2.4%
CVE-2017-17577 CRITICAL POC Act Now

FS Trademe Clone 1.0 has SQL Injection via the search_item.php search parameter or the general_item_details.php id parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Trademe Clone
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
2.4%
CVE-2017-17576 CRITICAL POC Act Now

FS Gigs Script 1.0 has SQL Injection via the browse-category.php cat parameter, browse-scategory.php sc parameter, or service-provider.php ser parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Gigs Script
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
2.4%
CVE-2017-17575 CRITICAL POC Act Now

FS Groupon Clone 1.0 has SQL Injection via the item_details.php id parameter or the vendor_details.php id parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Groupon Clone
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
2.4%
CVE-2017-17574 CRITICAL POC Act Now

FS Care Clone 1.0 has SQL Injection via the searchJob.php jobType or jobFrequency parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Care Clone
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
2.4%
CVE-2017-17572 CRITICAL POC Act Now

FS Amazon Clone 1.0 has SQL Injection via the PATH_INFO to /VerAyari. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Amazon Clone
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
2.4%
CVE-2017-17571 CRITICAL POC Act Now

FS Foodpanda Clone 1.0 has SQL Injection via the /food keywords parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Foodpanda Clone
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
2.4%
CVE-2017-17570 CRITICAL POC Act Now

FS Expedia Clone 1.0 has SQL Injection via the pages.php or content.php id parameter, or the show-flight-result.php fl_orig or fl_dest parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Expedia Clone
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
2.4%
CVE-2017-17648 CRITICAL POC Act Now

Entrepreneur Dating Script 2.0.1 has SQL Injection via the search_result.php marital, gender, country, or profileid parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Entrepreneur Dating Script
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
1.4%
CVE-2017-17590 CRITICAL POC Act Now

FS Stackoverflow Clone 1.0 has SQL Injection via the /question keywords parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Stackoverflow Clone
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
0.5%
CVE-2017-14589 CRITICAL Act Now

It was possible for double OGNL evaluation in FreeMarker templates through Struts FreeMarker tags to occur. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java Information Disclosure Bamboo
NVD
CVSS 3.0
9.6
EPSS
0.3%
CVE-2017-14590 CRITICAL PATCH Act Now

Bamboo did not check that the name of a branch in a Mercurial repository contained argument parameters. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Bamboo
NVD
CVSS 3.0
9.1
EPSS
0.5%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy