Text Exploits

31,364 exploits tracked across all sources.

CVE-2017-17614 EXPLOITDB CRITICAL text VERIFIED
Hotel Restaurant Reviews And Feedback Script - SQL Injection
Food Order Script 1.0 has SQL Injection via the /list city parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17615 EXPLOITDB HIGH text VERIFIED
Facebook Clone Script - SQL Injection
Facebook Clone Script 1.0 has SQL Injection via the friend-profile.php id parameter.
by Ihsan Sencan
CVSS 8.8
CVE-2017-17604 EXPLOITDB CRITICAL text
Entrepreneur Bus Booking Script - SQL Injection
Entrepreneur Bus Booking Script 3.0.4 has SQL Injection via the booker_details.php sourcebus parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17637 EXPLOITDB CRITICAL text VERIFIED
Car Rental Script - SQL Injection
Car Rental Script 2.0.4 has SQL Injection via the countrycode1.php val parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17640 EXPLOITDB CRITICAL text
Advanced World Database - SQL Injection
Advanced World Database 2.0.5 has SQL Injection via the city.php country or state parameter, or the state.php country parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17603 EXPLOITDB CRITICAL text VERIFIED
Advanced Real Estate Script - SQL Injection
Advanced Real Estate Script 4.0.7 has SQL Injection via the search-results.php Projectmain, proj_type, searchtext, sell_price, or maxprice parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-13861 EXPLOITDB HIGH text VERIFIED
Safari Webkit Proxy Object Type Confusion
An issue was discovered in certain Apple products. iOS before 11.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "IOSurface" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
by Google Security Research
CVSS 7.8
CVE-2017-17095 EXPLOITDB HIGH text
LibTIFF 4.0.9 - Buffer Overflow
tools/pal2rgb.c in pal2rgb in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (TIFFSetupStrips heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file.
by Jungun Baek
CVSS 8.8
CVE-2017-17577 EXPLOITDB CRITICAL text VERIFIED
Trademe Clone - SQL Injection
FS Trademe Clone 1.0 has SQL Injection via the search_item.php search parameter or the general_item_details.php id parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17580 EXPLOITDB CRITICAL text VERIFIED
Linkedin Clone - SQL Injection
FS Linkedin Clone 1.0 has SQL Injection via the group.php grid parameter, profile.php fid parameter, or company_details.php id parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17587 EXPLOITDB CRITICAL text VERIFIED
Indiamart Clone - SQL Injection
FS Indiamart Clone 1.0 has SQL Injection via the catcompany.php token parameter, buyleads-details.php id parameter, or company/index.php c parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17588 EXPLOITDB CRITICAL text VERIFIED
Imdb Clone - SQL Injection
FS IMDB Clone 1.0 has SQL Injection via the movie.php f parameter, tvshow.php s parameter, or show_misc_video.php id parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17575 EXPLOITDB CRITICAL text VERIFIED
Groupon Clone - SQL Injection
FS Groupon Clone 1.0 has SQL Injection via the item_details.php id parameter or the vendor_details.php id parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17576 EXPLOITDB CRITICAL text VERIFIED
Gigs Script - SQL Injection
FS Gigs Script 1.0 has SQL Injection via the browse-category.php cat parameter, browse-scategory.php sc parameter, or service-provider.php ser parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17579 EXPLOITDB CRITICAL text VERIFIED
Freelancer Clone - SQL Injection
FS Freelancer Clone 1.0 has SQL Injection via the profile.php u parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17570 EXPLOITDB CRITICAL text VERIFIED
Expedia Clone - SQL Injection
FS Expedia Clone 1.0 has SQL Injection via the pages.php or content.php id parameter, or the show-flight-result.php fl_orig or fl_dest parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17573 EXPLOITDB CRITICAL text VERIFIED
Fortunescripts Ebay Clone - SQL Injection
FS Ebay Clone 1.0 has SQL Injection via the product.php id parameter, or the search.php category_id or sub_category_id parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17578 EXPLOITDB CRITICAL text VERIFIED
Crowdfunding Script - SQL Injection
FS Crowdfunding Script 1.0 has SQL Injection via the latest_news_details.php id parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17574 EXPLOITDB CRITICAL text VERIFIED
Care Clone - SQL Injection
FS Care Clone 1.0 has SQL Injection via the searchJob.php jobType or jobFrequency parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17572 EXPLOITDB CRITICAL text VERIFIED
Amazon Clone - SQL Injection
FS Amazon Clone 1.0 has SQL Injection via the PATH_INFO to /VerAyari.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17595 EXPLOITDB CRITICAL text VERIFIED
Beauty Parlour Booking Script - SQL Injection
Beauty Parlour Booking Script 1.0 has SQL Injection via the /list gender or city parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17600 EXPLOITDB CRITICAL text VERIFIED
Basic B2b Script - SQL Injection
Basic B2B Script 2.0.8 has SQL Injection via the product_details.php id parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17598 EXPLOITDB CRITICAL text
Affiliate Mlm Script - SQL Injection
Affiliate MLM Script 1.0 has SQL Injection via the product-category.php key parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17599 EXPLOITDB CRITICAL text VERIFIED
Advance Online Learning Management Script - SQL Injection
Advance Online Learning Management Script 3.1 has SQL Injection via the courselist.php subcatid or popcourseid parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17602 EXPLOITDB CRITICAL text VERIFIED
Advance B2b Script - SQL Injection
Advance B2B Script 2.1.3 has SQL Injection via the tradeshow-list-detail.php show_id or view-product.php pid parameter.
by Ihsan Sencan
CVSS 9.8