Text Exploits

31,386 exploits tracked across all sources.

CVE-2017-17095 EXPLOITDB HIGH text
LibTIFF 4.0.9 - Heap-Based Buffer Overflow in pal2rgb
tools/pal2rgb.c in pal2rgb in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (TIFFSetupStrips heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file.
by Jungun Baek
CVSS 8.8
CVE-2017-17577 EXPLOITDB CRITICAL text VERIFIED
FS Trademe Clone 1.0 - SQL Injection via Search Parameter
FS Trademe Clone 1.0 has SQL Injection via the search_item.php search parameter or the general_item_details.php id parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17580 EXPLOITDB CRITICAL text VERIFIED
FS Linkedin Clone 1.0 - SQL Injection via group.php grid parameter
FS Linkedin Clone 1.0 has SQL Injection via the group.php grid parameter, profile.php fid parameter, or company_details.php id parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17587 EXPLOITDB CRITICAL text VERIFIED
FS Indiamart Clone 1.0 - SQL Injection via catcompany.php token Parameter
FS Indiamart Clone 1.0 has SQL Injection via the catcompany.php token parameter, buyleads-details.php id parameter, or company/index.php c parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17588 EXPLOITDB CRITICAL text VERIFIED
FS IMDB Clone 1.0 - SQL Injection via movie.php f Parameter
FS IMDB Clone 1.0 has SQL Injection via the movie.php f parameter, tvshow.php s parameter, or show_misc_video.php id parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17575 EXPLOITDB CRITICAL text VERIFIED
FS Groupon Clone 1.0 - SQL Injection via id Parameter
FS Groupon Clone 1.0 has SQL Injection via the item_details.php id parameter or the vendor_details.php id parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17576 EXPLOITDB CRITICAL text VERIFIED
FS Gigs Script 1.0 - SQL Injection via browse-category.php cat Parameter
FS Gigs Script 1.0 has SQL Injection via the browse-category.php cat parameter, browse-scategory.php sc parameter, or service-provider.php ser parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17579 EXPLOITDB CRITICAL text VERIFIED
FS Freelancer Clone 1.0 - SQL Injection via Profile Page u Parameter
FS Freelancer Clone 1.0 has SQL Injection via the profile.php u parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17570 EXPLOITDB CRITICAL text VERIFIED
FS Expedia Clone 1.0 - SQL Injection via pages.php/content.php id or show-flight-result.php fl_orig/fl_dest Parameter
FS Expedia Clone 1.0 has SQL Injection via the pages.php or content.php id parameter, or the show-flight-result.php fl_orig or fl_dest parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17573 EXPLOITDB CRITICAL text VERIFIED
FS Ebay Clone 1.0 - SQL Injection via product.php id or search.php Parameters
FS Ebay Clone 1.0 has SQL Injection via the product.php id parameter, or the search.php category_id or sub_category_id parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17578 EXPLOITDB CRITICAL text VERIFIED
FS Crowdfunding Script 1.0 - SQL Injection via latest_news_details.php id Parameter
FS Crowdfunding Script 1.0 has SQL Injection via the latest_news_details.php id parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17574 EXPLOITDB CRITICAL text VERIFIED
FS Care Clone 1.0 - SQL Injection via searchJob.php jobType or jobFrequency Parameter
FS Care Clone 1.0 has SQL Injection via the searchJob.php jobType or jobFrequency parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17572 EXPLOITDB CRITICAL text VERIFIED
FS Amazon Clone 1.0 - SQL Injection via PATH_INFO to /VerAyari
FS Amazon Clone 1.0 has SQL Injection via the PATH_INFO to /VerAyari.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17595 EXPLOITDB CRITICAL text VERIFIED
Beauty Parlour Booking Script 1.0 - SQL Injection via Gender or City Parameter
Beauty Parlour Booking Script 1.0 has SQL Injection via the /list gender or city parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17600 EXPLOITDB CRITICAL text VERIFIED
Basic B2B Script 2.0.8 - SQL Injection via product_details.php id Parameter
Basic B2B Script 2.0.8 has SQL Injection via the product_details.php id parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17598 EXPLOITDB CRITICAL text
Affiliate MLM Script 1.0 - SQL Injection via product-category.php key Parameter
Affiliate MLM Script 1.0 has SQL Injection via the product-category.php key parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17599 EXPLOITDB CRITICAL text VERIFIED
Advance Online Learning Management Script 3.1 - SQL Injection via courselist.php subcatid or popcourseid Parameter
Advance Online Learning Management Script 3.1 has SQL Injection via the courselist.php subcatid or popcourseid parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17602 EXPLOITDB CRITICAL text VERIFIED
Advance B2B Script 2.1.3 - SQL Injection via tradeshow-list-detail.php show_id or view-product.php pid Parameter
Advance B2B Script 2.1.3 has SQL Injection via the tradeshow-list-detail.php show_id or view-product.php pid parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17592 EXPLOITDB CRITICAL text VERIFIED
Website Auction Marketplace 2.0.5 - SQL Injection via search.php cat_id Parameter
Website Auction Marketplace 2.0.5 has SQL Injection via the search.php cat_id parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17593 EXPLOITDB HIGH text VERIFIED
Simple Chatting System 1.0 - Arbitrary File Upload via my_profile.php
Simple Chatting System 1.0 allows Arbitrary File Upload via view/my_profile.php, which places files under uploads/.
by Ihsan Sencan
CVSS 7.5
CVE-2017-17591 EXPLOITDB CRITICAL text VERIFIED
Realestate Crowdfunding Script 2.7.2 - SQL Injection via single-cause.php pid Parameter
Realestate Crowdfunding Script 2.7.2 has SQL Injection via the single-cause.php pid parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17597 EXPLOITDB CRITICAL text
Nearbuy Clone Script 3.2 - SQL Injection via Category List Search Parameter
Nearbuy Clone Script 3.2 has SQL Injection via the category_list.php search parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17589 EXPLOITDB CRITICAL text VERIFIED
FS Thumbtack Clone 1.0 - SQL Injection via Category Parameter
FS Thumbtack Clone 1.0 has SQL Injection via the browse-category.php cat parameter or the browse-scategory.php sc parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17590 EXPLOITDB CRITICAL text VERIFIED
FS Stackoverflow Clone 1.0 - SQL Injection via Question Keywords Parameter
FS Stackoverflow Clone 1.0 has SQL Injection via the /question keywords parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17583 EXPLOITDB CRITICAL text VERIFIED
FS Shutterstock Clone 1.0 - SQL Injection via Category Keywords Parameter
FS Shutterstock Clone 1.0 has SQL Injection via the /Category keywords parameter.
by Ihsan Sencan
CVSS 9.8