3096 matches found
CVE-2017-17615
Facebook Clone Script 1.0 has SQL Injection via the friend-profile.php id parameter...
CVE-2017-17617
Foodspotting Clone Script 1.0 has SQL Injection via the quicksearch.php q parameter...
CVE-2017-17581
FS Quibids Clone 1.0 is affected by an SQL injection in the itechd.php productid parameter. Multiple sources (CNVD-2017-37406, NVD entry) confirm a SQL injection vulnerability with remote exploitation. Exploit-DB references a posted exploit for this issue. No official patch/version details are pr...
CVE-2017-17612
The CVE-2017-17612 entry applies to Hot Scripts Clone 3.1 (from PHP Scripts Mall). A SQL injection vulnerability exists in the /categories endpoint via the subctid/mctid parameters, enabling manipulation of SQL commands by an attacker. Public references show exploitation tooling linked to Exploit-...
CVE-2017-17618
CVE-2017-17618 affects Kickstarter Clone Script 2.0 and is a SQL Injection vulnerability in investcalc.php via the projid parameter. Public records describe injection as the root cause, with high impact (C/H/I/A) per CVSS v3.0 (9.8) and CVSS v2.0 (7.5). Exploitation is documented (exploit-db link...
CVE-2017-17586
FS Olx Clone 1.0 has SQL Injection via the subpage.php scat parameter or the message.php pid parameter...
CVE-2017-17580
CVE-2017-17580 affects FS Linkedin Clone 1.0 and is a SQL Injection vulnerability exploitable via the group.php grid parameter, profile.php fid parameter, or company_details.php id parameter. The issue is evidenced by CVSS metrics (2.0: base score 7.5, PARTIAL impacts; 3.1: base score 9.8, HIGH i...
CVE-2017-17638
The CVE relates to Groupon Clone Script 3.01, where an SQL Injection vulnerability exists in city_ajax.php via the state_id parameter. Public references (Exploit-DB, Packet Storm) indicate a remote attacker could leverage this to inject SQL commands. The CVSS metrics indicate a high severity (AV:...
CVE-2017-17573
CVE-2017-17573 affects FS Ebay Clone 1.0, where SQL injection is possible via product.php?id and via search.php parameters category_id or sub_category_id. The root cause is improper handling of user-supplied input in those parameters, enabling attacker-controlled SQL commands. Documented impact i...
CVE-2017-17587
FS Indiamart Clone 1.0 has SQL Injection via the catcompany.php token parameter, buyleads-details.php id parameter, or company/index.php c parameter...
CVE-2017-17589
FS Thumbtack Clone 1.0 contains a SQL Injection vulnerability in browse-category.php (cat parameter) and browse-scategory.php (sc parameter). The root cause is improper input handling allowing an attacker to inject arbitrary SQL commands. Exploitation is evidenced by published PoC/exploit referen...
CVE-2017-17621
Multivendor Penny Auction Clone Script 1.0 has SQL Injection via the PATHINFO to the /detail URI...
CVE-2017-17579
FS Freelancer Clone 1.0 has SQL Injection via the profile.php u parameter...
CVE-2017-17582
FS Grubhub Clone 1.0 has SQL Injection via the /food keywords parameter...
CVE-2017-17605
Consumer Complaints Clone Script 1.0 has SQL Injection via the other-user-profile.php id parameter...
CVE-2017-17617
CVE-2017-17617 affects Foodspotting Clone Script 1.0 (PHP Scripts Mall India). A SQL injection exists in quicksearch.php via the q parameter, enabling arbitrary SQL commands due to improper input handling. Public references indicate the vulnerability is exploitable remotely with the q parameter, ...
CVE-2017-17588
FS IMDB Clone 1.0 is affected by a SQL Injection in PHP scripts (movie.php f, tvshow.php s, show_misc_video.php id). The root cause is unsanitized input leading to injectable SQL commands, enabling potential data disclosure/modification. Exploitation details are referenced (e.g., Exploit-DB), but...
CVE-2017-17587
CVE-2017-17587 affects FS Indiamart Clone 1.0 (PHP/MySQL). The vulnerability is a SQL injection in three input points: the token parameter in catcompany.php, the id parameter in buyleads-details.php, and the c parameter in company/index.php. Impact described in sources corresponds ...
CVE-2017-17571
FS Foodpanda Clone 1.0 (PHP CodeIgniter) contains a SQL injection vulnerability in the /food keywords parameter. A remote attacker can inject SQL commands due to improper input handling in this parameter, as described in CNVD-2017-37402 and corroborated by NVD entries referencing the same vector....
CVE-2017-17590
CVE-2017-17590 affects FS Stackoverflow Clone 1.0 and is due to a SQL Injection in the /question endpoint where the keywords parameter is unsafely handled. Exploitation could allow an attacker to inject SQL commands, with logs and public references noting an in-the-wild exploit (e.g., Exploit-DB)...