CVE-2017-17626
The Readymade PHP Classified Script version 3.3 is vulnerable to SQL Injection through the /categories endpoint when the subctid or mctid parameters are provided. This is caused by unsanitized input in those parameters, enabling an attacker to inject SQL commands. There are public exploit referen...