Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
CVE-2017-17581 EXPLOITDB CRITICAL text VERIFIED
FS Quibids Clone 1.0 - SQL Injection via itechd.php productid Parameter
FS Quibids Clone 1.0 has SQL Injection via the itechd.php productid parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17586 EXPLOITDB CRITICAL text VERIFIED
FS Olx Clone 1.0 - SQL Injection via subpage.php scat or message.php pid Parameter
FS Olx Clone 1.0 has SQL Injection via the subpage.php scat parameter or the message.php pid parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17585 EXPLOITDB CRITICAL text VERIFIED
FS Monster Clone 1.0 - SQL Injection via Employer_Details.php id Parameter
FS Monster Clone 1.0 has SQL Injection via the Employer_Details.php id parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17584 EXPLOITDB CRITICAL text VERIFIED
FS Makemytrip Clone 1.0 - SQL Injection via fl_orig or fl_dest Parameter
FS Makemytrip Clone 1.0 has SQL Injection via the show-flight-result.php fl_orig or fl_dest parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17616 EXPLOITDB CRITICAL text
Event Search Script 1.0 - SQL Injection via City Parameter
Event Search Script 1.0 has SQL Injection via the /event-list city parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17596 EXPLOITDB CRITICAL text
Entrepreneur Job Portal Script 2.0.6 - SQL Injection via jobsearch_all.php rid1 Parameter
Entrepreneur Job Portal Script 2.0.6 has SQL Injection via the jobsearch_all.php rid1 parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17648 EXPLOITDB CRITICAL text
Entrepreneur Dating Script 2.0.1 - SQL Injection via search_result.php Parameters
Entrepreneur Dating Script 2.0.1 has SQL Injection via the search_result.php marital, gender, country, or profileid parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17610 EXPLOITDB CRITICAL text
E-commerce MLM Software 1.0 - SQL Injection via Service Detail PID Parameter
E-commerce MLM Software 1.0 has SQL Injection via the service_detail.php pid parameter, event_detail.php eventid parameter, or news_detail.php newid parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17594 EXPLOITDB CRITICAL text VERIFIED
DomainSale PHP Script 1.0 - SQL Injection via domain.php id Parameter
DomainSale PHP Script 1.0 has SQL Injection via the domain.php id parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17611 EXPLOITDB CRITICAL text
Doctor Search Script 1.0 - SQL Injection via City Parameter
Doctor Search Script 1.0 has SQL Injection via the /list city parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17605 EXPLOITDB CRITICAL text
Consumer Complaints Clone Script 1.0 - SQL Injection via other-user-profile.php id Parameter
Consumer Complaints Clone Script 1.0 has SQL Injection via the other-user-profile.php id parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17606 EXPLOITDB CRITICAL text
Co-work Space Search Script 1.0 - SQL Injection via City Parameter
Co-work Space Search Script 1.0 has SQL Injection via the /list city parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17607 EXPLOITDB CRITICAL text
CMS Auditor Website 1.0 - SQL Injection via PATH_INFO to /news-detail
CMS Auditor Website 1.0 has SQL Injection via the PATH_INFO to /news-detail.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17608 EXPLOITDB CRITICAL text
Child Care Script 1.0 - SQL Injection via City Parameter
Child Care Script 1.0 has SQL Injection via the /list city parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17609 EXPLOITDB CRITICAL text
Chartered Accountant Booking Script 1.0 - SQL Injection via Service-List City Parameter
Chartered Accountant Booking Script 1.0 has SQL Injection via the /service-list city parameter.
by Ihsan Sencan
CVSS 9.8
CVE-2017-17601 EXPLOITDB CRITICAL text
Cab Booking Script 1.0 - SQL Injection via Service-List City Parameter
Cab Booking Script 1.0 has SQL Injection via the /service-list city parameter.
by Ihsan Sencan
CVSS 9.8
EIP-2026-110292 EXPLOITDB text
OpenEMR 5.0.0 - OS Command Injection / Cross-Site Scripting
by SEC Consult
EIP-2026-110291 EXPLOITDB text
OpenEMR 5.0.0 - OS Command Injection / Cross-Site Scripting
by SEC Consult
EIP-2026-107281 EXPLOITDB text VERIFIED
FS IMDB Clone - 'id' SQL Injection
by Dan°
EIP-2026-107277 EXPLOITDB text VERIFIED
FS Facebook Clone - 'token' SQL Injection
by Dan°
CVE-2017-17085 EXPLOITDB HIGH text VERIFIED
Wireshark 2.4.0-2.4.2 and 2.2.0-2.2.10 - Denial of Service in CIP Safety Dissector
In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the CIP Safety dissector could crash. This was addressed in epan/dissectors/packet-cipsafety.c by validating the packet length.
by Wireshark
CVSS 7.5
EIP-2026-107288 EXPLOITDB text VERIFIED
FS Shaadi Clone - 'token' SQL Injection
by Dan°
EIP-2026-107284 EXPLOITDB text VERIFIED
FS Makemytrip Clone - 'id' SQL Injection
by Dan°
CVE-2017-11319 EXPLOITDB HIGH text VERIFIED
Perspective ICM Investigation & Case 5.1.1.16 - Authenticated Privilege Escalation
Perspective ICM Investigation & Case 5.1.1.16 allows remote authenticated users to modify access level permissions and consequently gain privileges by leveraging insufficient validation methods and missing cross server side checking mechanisms.
by Konstantinos Alexiou
CVSS 8.8
CVE-2017-17110 EXPLOITDB CRITICAL text VERIFIED
Techno Portfolio Management Panel 1.0 - SQL Injection
Techno Portfolio Management Panel 1.0 allows an attacker to inject SQL commands via a single.php?id= request.
by Ihsan Sencan
CVSS 9.8