CVE-2017-17601 (cab_booking_script)
Cab Booking Script 1.0 has SQL Injection via the /service-list city parameter.
[월:] 2017년 12월
CVE-2017-17609 (chartered_accountant_booking_script)
CVE-2017-17609 (chartered_accountant_booking_script)
Chartered Accountant Booking Script 1.0 has SQL Injection via the /service-list city parameter.
Source: CVE-2017-17609 (chartered_accountant_booking_script)
CVE-2017-17600 (basic_b2b_script)
CVE-2017-17600 (basic_b2b_script)
Basic B2B Script 2.0.8 has SQL Injection via the product_details.php id parameter.
CVE-2017-17605 (consumer_complaints_clone_script)
CVE-2017-17605 (consumer_complaints_clone_script)
Consumer Complaints Clone Script 1.0 has SQL Injection via the other-user-profile.php id parameter.
CVE-2017-17607 (cms_auditor_website)
CVE-2017-17607 (cms_auditor_website)
CMS Auditor Website 1.0 has SQL Injection via the PATH_INFO to /news-detail.
CVE-2017-17593 (simple_chatting_system)
CVE-2017-17593 (simple_chatting_system)
Simple Chatting System 1.0 allows Arbitrary File Upload via view/my_profile.php, which places files under uploads/.
CVE-2017-17594 (domainsale_php_script)
CVE-2017-17594 (domainsale_php_script)
DomainSale PHP Script 1.0 has SQL Injection via the domain.php id parameter.
CVE-2017-17596 (entrepreneur_job_portal_script)
CVE-2017-17596 (entrepreneur_job_portal_script)
Entrepreneur Job Portal Script 2.0.6 has SQL Injection via the jobsearch_all.php rid1 parameter.
CVE-2017-17598 (affiliate_mlm_script)
CVE-2017-17598 (affiliate_mlm_script)
Affiliate MLM Script 1.0 has SQL Injection via the product-category.php key parameter.
CVE-2017-17592 (website_auction_marketplace)
CVE-2017-17592 (website_auction_marketplace)
Website Auction Marketplace 2.0.5 has SQL Injection via the search.php cat_id parameter.