99 matches found
Sql injection
Child Care Script 1.0 has SQL Injection via the /list city parameter...
CVE-2017-17614
Food Order Script 1.0 has SQL Injection via the /list city parameter...
CVE-2017-17598
Affiliate MLM Script 1.0 is affected by an SQL injection in product-category.php via the key parameter. The vulnerability is described across multiple sources (NVD/CNVD, CVE); remote attacker can inject SQL commands. Exploitation details and concrete remediation are not provided in the supplied d...
CVE-2017-17578
CVE-2017-17578 affects FS Crowdfunding Script 1.0 (PHP/MySQL). The vulnerability is a SQL injection in the latest_news_details.php script via the id parameter, enabling a remote attacker to inject SQL commands. CVSS vectors indicate high/critical impact with network access and no authentication r...
CVE-2017-17605
Consumer Complaints Clone Script 1.0 has SQL Injection via the other-user-profile.php id parameter...
CVE-2017-17616
CVE-2017-17616 affects PHP Scripts Mall Event Search Script 1.0. A SQL injection exists in the /event-list endpoint via the city parameter, enabling a remote attacker to inject SQL commands. The CNVD entry confirms the vulnerability and the affected script version; exploitation details are provid...
CVE-2017-17601
Cab Booking Script 1.0 has SQL Injection via the /service-list city parameter...
CVE-2017-17608
CVE-2017-17608 affects Child Care Script 1.0. It exposes an SQL injection via the /list city parameter, allowing an attacker to inject SQL commands. CVSS data indicates high to critical impact (confidentiality, integrity, and availability). Root cause is unsanitized input in the city parameter. E...
CVE-2017-17609
Affected software: Chartered Accountant Booking Script 1.0 by PHP Scripts Mall. Vulnerability: SQL Injection in /service-list via the city parameter due to lack of input validation. Root cause: unvalidated user input composing SQL. Impact: described as SQL injection with potential data exposure/ ...
Professional Service Script 1.0 SQL Injection
Exploit Title: Professional Service Script 1.0 - SQL Injection Dork: N/A Date: 09.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/professional-service-script/ Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A...
Professional Service Script 1.0 - service-list?city SQL Injection
Professional Service Script 1.0 - service-list?city SQL Injection Exploit Title: Professional Service Script 1.0 - SQL Injection Dork: N/A Date: 09.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/professional-service-script/ Version:...
Food Order Script 1.0 - list?city SQL Injection
Food Order Script 1.0 - list?city SQL Injection Exploit Title: Food Order Script 1.0 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/food-order-script-2/ Demo:...
FS Gigs Script 1.0 SQL Injection
Exploit Title: FS Gigs Script 1.0 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://fortunescripts.com/ Software Link: https://fortunescripts.com/product/gigs-script/ Demo: http://gigs.demonstration.co.in/ Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A...
Yoga Class Script 1.0 - 'list?city' SQL Injection
Exploit Title: Yoga Class Script 1.0 - SQL Injection Dork: N/A Date: 09.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/yoga-class-script/ Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A Exploit Author: Ihsan...
Professional Service Script 1.0 - 'service-list?city' SQL Injection
Exploit Title: Professional Service Script 1.0 - SQL Injection Dork: N/A Date: 09.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/professional-service-script/ Version: 1.0 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64 CVE: N/A...
Laundry Booking Script 1.0 - list?city SQL Injection
Laundry Booking Script 1.0 - list?city SQL Injection Exploit Title: Laundry Booking Script 1.0 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/laundry-booking-script/ Version: 1.0 Category: Webapps...
Facebook Clone Script 1.0 - id send SQL Injection
Facebook Clone Script 1.0 - id send SQL Injection Exploit Title: Facebook Clone Script 1.0 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/facebook-clone/ Demo:...
Yoga Class Script 1.0 - list?city SQL Injection
Yoga Class Script 1.0 - list?city SQL Injection Exploit Title: Yoga Class Script 1.0 - SQL Injection Dork: N/A Date: 09.12.2017 Vendor Homepage: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/yoga-class-script/ Version: 1.0 Category: Webapps Tested on:...
DomainSale PHP Script 1.0 SQL Injection Vulnerability
DomainSale PHP Script version 1.0 suffers from a remote SQL injection vulnerability. Exploit Title: DomainSale PHP Script 1.0 - SQL Injection Dork: N/A Date: 08.12.2017 Vendor Homepage: https://www.codester.com/ChewiScripts Software Link: https://www.codester.com/items/5301/domainsale-php-script...
CVE-2017-15980
US Zip Codes Database Script 1.0 allows SQL Injection via the state parameter...