CVE-2017-17592
Website Auction Marketplace 2.0.5 has SQL Injection via the search.php cat_id parameter.
Source: CVE-2017-17592
[월:] 2017년 12월
CVE-2017-17595
CVE-2017-17595
Beauty Parlour Booking Script 1.0 has SQL Injection via the /list gender or city parameter.
Source: CVE-2017-17595
CVE-2017-17594
CVE-2017-17594
DomainSale PHP Script 1.0 has SQL Injection via the domain.php id parameter.
Source: CVE-2017-17594
CVE-2017-17589
CVE-2017-17589
FS Thumbtack Clone 1.0 has SQL Injection via the browse-category.php cat parameter or the browse-scategory.php sc parameter.
Source: CVE-2017-17589
CVE-2017-17590
CVE-2017-17590
FS Stackoverflow Clone 1.0 has SQL Injection via the /question keywords parameter.
Source: CVE-2017-17590
CVE-2017-17587
CVE-2017-17587
FS Indiamart Clone 1.0 has SQL Injection via the catcompany.php token parameter, buyleads-details.php id parameter, or company/index.php c parameter.
Source: CVE-2017-17587
CVE-2017-17588
CVE-2017-17588
FS IMDB Clone 1.0 has SQL Injection via the movie.php f parameter, tvshow.php s parameter, or show_misc_video.php id parameter.
Source: CVE-2017-17588
CVE-2017-17586
CVE-2017-17586
FS Olx Clone 1.0 has SQL Injection via the subpage.php scat parameter or the message.php pid parameter.
Source: CVE-2017-17586
CVE-2017-17605
CVE-2017-17605
Consumer Complaints Clone Script 1.0 has SQL Injection via the other-user-profile.php id parameter.
Source: CVE-2017-17605
CVE-2017-17568 (posty_readymade_classifieds)
CVE-2017-17568 (posty_readymade_classifieds)
Scubez Posty Readymade Classifieds has Incorrect Access Control for visiting admin/user_activate_submit.php (aka the backend PHP script), which might allow remote attackers to obtain sensitive information via a direct request.