CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/06/19 4:24 p.m.•5 views

EUVD-2017-18999

CVE•added 2026/06/19 4:24 p.m.•11 views

CVE-2017-20272

CVE-2017-20272 affects Joomla Ultimate Property Listing 1.0.2. The vulnerability is an SQL injection in the sf_selectuser_id parameter that can be exploited by unauthenticated users via GET requests to index.php with option=com_upl and view=propertylisting. This allows extraction of sensitive DB ...

EUVD•added 2026/06/19 4:21 p.m.•5 views

EUVD-2017-18998

Joomla StreetGuessr Game 1.1.8 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the catid parameter. Attackers can send GET requests to index.php with the option=comstreetguess&view=maps parameters a...

CVE•added 2026/06/19 4:21 p.m.•10 views

CVE-2017-20271

Joomla StreetGuessr Game 1.1.8 is affected by an SQL injection via the catid parameter in index.php when using option=com_streetguess&view=maps. The vulnerability allows unauthenticated attackers to execute arbitrary SQL queries and exfiltrate data such as database version and names. Reported CVS...

ATTACKERKB•added 2026/06/19 4:21 p.m.•5 views

CVE-2017-20271

Exploits0References2Affected Software1

ATTACKERKB•added 2026/06/19 4:17 p.m.•6 views

CVE-2017-20270

Joomla! Component Twitch Tv 1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the username and id parameters. Attackers can send GET requests to index.php with option=comtwitchtv and view paramete...

8.8CVSS6.2AI score0.0027EPSS

Exploits0References4Affected Software1

EUVD•added 2026/06/19 4:17 p.m.•4 views

EUVD-2017-18997

8.8CVSS6.2AI score0.0027EPSS

CVE•added 2026/06/19 4:17 p.m.•11 views

CVE-2017-20270

CVE-2017-20270 affects the Joomla! Twitch Tv component 1.1, with an SQL injection vulnerability in the GET parameters username and id via index.php (option=com_twitchtv and view) that allows unauthenticated attackers to execute arbitrary SQL and extract sensitive data (credentials, configuration)...

8.8CVSS6.2AI score0.0027EPSS

Cvelist•added 2026/06/19 4:17 p.m.•25 views

CVE-2017-20270 Joomla! Component Twitch Tv 1.1 SQL Injection

8.8CVSS0.0027EPSS

NVD•added 2026/06/19 4:16 p.m.•10 views

CVE-2017-20263

Joomla! Component FocalPoint Pro/Free 1.2.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET requests to index.php with option=comfocalpoint, view=location, a...

NVD•added 2026/06/19 4:16 p.m.•9 views

CVE-2017-20266

Joomla SP Movie Database 1.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the searchword parameter. Attackers can send GET requests to the searchresults view with crafted SQL payloads in the...

NVD•added 2026/06/19 4:16 p.m.•11 views

CVE-2017-20267

Joomla! Component Calendar Planner 1.0.1 contains an SQL injection vulnerability that allows unauthenticated attackers to inject SQL commands through the categoryid parameter. Attackers can send GET requests to the events view with malicious SQL code in the categoryid parameter to extract sensiti...

NVD•added 2026/06/19 4:16 p.m.•9 views

CVE-2017-20264

Joomla! Component Sponsor Wall 8.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the wallid parameter. Attackers can send GET requests to index.php with the option=comsponsorwall&task=click&wallid...

7.1CVSS0.00241EPSS

NVD•added 2026/06/19 4:16 p.m.•11 views

CVE-2017-20265

Joomla! Component Flip Wall 8.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the wallid parameter. Attackers can send GET requests to index.php with the option=comflipwall&task=click&wallid...

7.1CVSS0.00241EPSS

NVD•added 2026/06/19 4:16 p.m.•10 views

CVE-2017-20257

Joomla! Component Quiz Deluxe 3.7.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL commands through the ajaxaction.flagquestion task. Attackers can inject malicious SQL code via the stuquizid or flagquest parameters to manipulate database...

NVD•added 2026/06/19 4:16 p.m.•12 views

CVE-2017-20256

Joomla Survey Force Deluxe 3.2.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the invite parameter. Attackers can send GET requests to the component with crafted SQL payloads in the invite...

NVD•added 2026/06/19 4:16 p.m.•11 views

CVE-2017-20260

Joomla! Component Price Alert 3.0.2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the productid parameter. Attackers can send requests to the subscribeajax view with crafted SQL payloads in the...

NVD•added 2026/06/19 4:16 p.m.•8 views

CVE-2017-20255

Joomla! Component JB Visa 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the visatype parameter. Attackers can send GET requests to index.php with the option=combookpro and view=popup parameter...

NVD•added 2026/06/19 4:16 p.m.•9 views

CVE-2017-20259

Joomla OSDownloads 1.7.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET requests to index.php with option=comosdownloads&view=item&id=SQL to extract sensiti...