Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
CVE-2017-17627 EXPLOITDB CRITICAL text VERIFIED
Readymade Video Sharing Script 3.2 - SQL Injection via Report Videos Array Parameter
Readymade Video Sharing Script 3.2 has SQL Injection via the single-video-detail.php report_videos array parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17626 EXPLOITDB CRITICAL text VERIFIED
Readymade PHP Classified Script 3.3 - SQL Injection via Categories Subctid or Mctid Parameter
Readymade PHP Classified Script 3.3 has SQL Injection via the /categories subctid or mctid parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17625 EXPLOITDB CRITICAL text VERIFIED
Professional Service Script 1.0 - SQL Injection via City Parameter
Professional Service Script 1.0 has SQL Injection via the service-list city parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17624 EXPLOITDB CRITICAL text VERIFIED
PHP Multivendor Ecommerce 1.0 - SQL Injection via single_detail.php or category.php
PHP Multivendor Ecommerce 1.0 has SQL Injection via the single_detail.php sid parameter, or the category.php searchcat or chid1 parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17622 EXPLOITDB CRITICAL text VERIFIED
Online Exam Test Application Script 1.6 - SQL Injection via exams.php sort parameter
Online Exam Test Application Script 1.6 has SQL Injection via the exams.php sort parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17639 EXPLOITDB CRITICAL text VERIFIED
Muslim Matrimonial Script 3.02 - SQL Injection via success-story.php succid Parameter
Muslim Matrimonial Script 3.02 has SQL Injection via the success-story.php succid parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17621 EXPLOITDB CRITICAL text VERIFIED
Multivendor Penny Auction Clone Script 1.0 - SQL Injection via PATH_INFO to Detail URI
Multivendor Penny Auction Clone Script 1.0 has SQL Injection via the PATH_INFO to the /detail URI.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17631 EXPLOITDB CRITICAL text VERIFIED
Multireligion Responsive Matrimonial 4.7.2 - SQL Injection via success-story.php succid Parameter
Multireligion Responsive Matrimonial 4.7.2 has SQL Injection via the success-story.php succid parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17633 EXPLOITDB CRITICAL text VERIFIED
Multiplex Movie Theater Booking Script 3.1.5 - SQL Injection via moid or eid Parameter
Multiplex Movie Theater Booking Script 3.1.5 has SQL Injection via the trailer-detail.php moid parameter, show-time.php moid parameter, or event-detail.php eid parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17635 EXPLOITDB CRITICAL text
MLM Forex Market Plan Script 2.0.4 - SQL Injection via news_detail.php newid or event_detail.php eventid Parameter
MLM Forex Market Plan Script 2.0.4 has SQL Injection via the news_detail.php newid parameter or the event_detail.php eventid parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17636 EXPLOITDB CRITICAL text VERIFIED
MLM Forced Matrix 2.0.9 - SQL Injection via News Detail newid Parameter
MLM Forced Matrix 2.0.9 has SQL Injection via the news-detail.php newid parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17620 EXPLOITDB CRITICAL text VERIFIED
Lawyer Search Script 1.1 - SQL Injection via City Parameter
Lawyer Search Script 1.1 has SQL Injection via the /lawyer-list city parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17619 EXPLOITDB CRITICAL text VERIFIED
Laundry Booking Script 1.0 - SQL Injection via City Parameter
Laundry Booking Script 1.0 has SQL Injection via the /list city parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17618 EXPLOITDB CRITICAL text VERIFIED
Kickstarter Clone Script 2.0 - SQL Injection via investcalc.php projid Parameter
Kickstarter Clone Script 2.0 has SQL Injection via the investcalc.php projid parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17612 EXPLOITDB CRITICAL text VERIFIED
Hot Scripts Clone 3.1 - SQL Injection via Categories Subctid or Mctid Parameter
Hot Scripts Clone 3.1 has SQL Injection via the /categories subctid or mctid parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17638 EXPLOITDB CRITICAL text VERIFIED
Groupon Clone Script 3.01 - SQL Injection via city_ajax.php state_id Parameter
Groupon Clone Script 3.01 has SQL Injection via the city_ajax.php state_id parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17613 EXPLOITDB CRITICAL text VERIFIED
Freelance Website Script 2.0.6 - SQL Injection via jobdetails.php pr_id or searchbycat_list.php catid Parameter
Freelance Website Script 2.0.6 has SQL Injection via the jobdetails.php pr_id parameter or the searchbycat_list.php catid parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17617 EXPLOITDB CRITICAL text VERIFIED
Foodspotting Clone Script 1.0 - SQL Injection via Quicksearch q Parameter
Foodspotting Clone Script 1.0 has SQL Injection via the quicksearch.php q parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17614 EXPLOITDB CRITICAL text VERIFIED
Food Order Script 1.0 - SQL Injection via City Parameter
Food Order Script 1.0 has SQL Injection via the /list city parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17615 EXPLOITDB HIGH text VERIFIED
Facebook Clone Script 1.0 - SQL Injection via Friend-Profile ID Parameter
Facebook Clone Script 1.0 has SQL Injection via the friend-profile.php id parameter.
by Ihsan Sencan
CVSS 8.8
CVE-2017-17604 EXPLOITDB CRITICAL text
Entrepreneur Bus Booking Script 3.0.4 - SQL Injection via Booker Details Sourcebus Parameter
Entrepreneur Bus Booking Script 3.0.4 has SQL Injection via the booker_details.php sourcebus parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17637 EXPLOITDB CRITICAL text VERIFIED
Car Rental Script 2.0.4 - SQL Injection via countrycode1.php val Parameter
Car Rental Script 2.0.4 has SQL Injection via the countrycode1.php val parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17640 EXPLOITDB CRITICAL text
Advanced World Database 2.0.5 - SQL Injection via city.php or state.php Parameter
Advanced World Database 2.0.5 has SQL Injection via the city.php country or state parameter, or the state.php country parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17603 EXPLOITDB CRITICAL text VERIFIED
Advanced Real Estate Script 4.0.7 - SQL Injection via Search Parameters
Advanced Real Estate Script 4.0.7 has SQL Injection via the search-results.php Projectmain, proj_type, searchtext, sell_price, or maxprice parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-13861 EXPLOITDB HIGH text VERIFIED
Safari Webkit Proxy Object Type Confusion
An issue was discovered in certain Apple products. iOS before 11.2 is affected. tvOS before 11.2 is affected. watchOS before 4.2 is affected. The issue involves the "IOSurface" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
by Google Security Research
CVSS 7.8