Exploitdb Exploits

49,996 exploits tracked across all sources.

Sort: Activity Stars

CVE-2017-17577 EXPLOITDB CRITICAL text VERIFIED

Trademe Clone - SQL Injection

FS Trademe Clone 1.0 has SQL Injection via the search_item.php search parameter or the general_item_details.php id parameter.

by Ihsan Sencan

CVSS 9.8

View

CVE-2017-17580 EXPLOITDB CRITICAL text VERIFIED

Linkedin Clone - SQL Injection

FS Linkedin Clone 1.0 has SQL Injection via the group.php grid parameter, profile.php fid parameter, or company_details.php id parameter.

by Ihsan Sencan

CVSS 9.8

View

CVE-2017-17587 EXPLOITDB CRITICAL text VERIFIED

Indiamart Clone - SQL Injection

FS Indiamart Clone 1.0 has SQL Injection via the catcompany.php token parameter, buyleads-details.php id parameter, or company/index.php c parameter.

by Ihsan Sencan

CVSS 9.8

View

CVE-2017-17588 EXPLOITDB CRITICAL text VERIFIED

Imdb Clone - SQL Injection

FS IMDB Clone 1.0 has SQL Injection via the movie.php f parameter, tvshow.php s parameter, or show_misc_video.php id parameter.

by Ihsan Sencan

CVSS 9.8

View

CVE-2017-17582 EXPLOITDB CRITICAL html VERIFIED

Grubhub Clone - SQL Injection

FS Grubhub Clone 1.0 has SQL Injection via the /food keywords parameter.

by Ihsan Sencan

CVSS 9.8

View

CVE-2017-17575 EXPLOITDB CRITICAL text VERIFIED

Groupon Clone - SQL Injection

FS Groupon Clone 1.0 has SQL Injection via the item_details.php id parameter or the vendor_details.php id parameter.

by Ihsan Sencan

CVSS 9.8

View

CVE-2017-17576 EXPLOITDB CRITICAL text VERIFIED

Gigs Script - SQL Injection

FS Gigs Script 1.0 has SQL Injection via the browse-category.php cat parameter, browse-scategory.php sc parameter, or service-provider.php ser parameter.

by Ihsan Sencan

CVSS 9.8

View

CVE-2017-17579 EXPLOITDB CRITICAL text VERIFIED

Freelancer Clone - SQL Injection

FS Freelancer Clone 1.0 has SQL Injection via the profile.php u parameter.

by Ihsan Sencan

CVSS 9.8

View

CVE-2017-17571 EXPLOITDB CRITICAL html VERIFIED

Foodpanda Clone - SQL Injection

FS Foodpanda Clone 1.0 has SQL Injection via the /food keywords parameter.

by Ihsan Sencan

CVSS 9.8

View

CVE-2017-17570 EXPLOITDB CRITICAL text VERIFIED

Expedia Clone - SQL Injection

FS Expedia Clone 1.0 has SQL Injection via the pages.php or content.php id parameter, or the show-flight-result.php fl_orig or fl_dest parameter.

by Ihsan Sencan

CVSS 9.8

View

CVE-2017-17573 EXPLOITDB CRITICAL text VERIFIED

Fortunescripts Ebay Clone - SQL Injection

FS Ebay Clone 1.0 has SQL Injection via the product.php id parameter, or the search.php category_id or sub_category_id parameter.

by Ihsan Sencan

CVSS 9.8

View

CVE-2017-17578 EXPLOITDB CRITICAL text VERIFIED

Crowdfunding Script - SQL Injection

FS Crowdfunding Script 1.0 has SQL Injection via the latest_news_details.php id parameter.

by Ihsan Sencan

CVSS 9.8

View

CVE-2017-17574 EXPLOITDB CRITICAL text VERIFIED

Care Clone - SQL Injection

FS Care Clone 1.0 has SQL Injection via the searchJob.php jobType or jobFrequency parameter.

by Ihsan Sencan

CVSS 9.8

View

CVE-2017-17572 EXPLOITDB CRITICAL text VERIFIED

Amazon Clone - SQL Injection

FS Amazon Clone 1.0 has SQL Injection via the PATH_INFO to /VerAyari.

by Ihsan Sencan

CVSS 9.8

View

CVE-2017-17595 EXPLOITDB CRITICAL text VERIFIED

Beauty Parlour Booking Script - SQL Injection

Beauty Parlour Booking Script 1.0 has SQL Injection via the /list gender or city parameter.

by Ihsan Sencan

CVSS 9.8

View

CVE-2017-17600 EXPLOITDB CRITICAL text VERIFIED

Basic B2b Script - SQL Injection

Basic B2B Script 2.0.8 has SQL Injection via the product_details.php id parameter.

by Ihsan Sencan

CVSS 9.8

View

CVE-2017-17598 EXPLOITDB CRITICAL text

Affiliate Mlm Script - SQL Injection

Affiliate MLM Script 1.0 has SQL Injection via the product-category.php key parameter.

by Ihsan Sencan

CVSS 9.8

View

CVE-2017-17599 EXPLOITDB CRITICAL text VERIFIED

Advance Online Learning Management Script - SQL Injection

Advance Online Learning Management Script 3.1 has SQL Injection via the courselist.php subcatid or popcourseid parameter.

by Ihsan Sencan

CVSS 9.8

View

CVE-2017-17602 EXPLOITDB CRITICAL text VERIFIED

Advance B2b Script - SQL Injection

Advance B2B Script 2.1.3 has SQL Injection via the tradeshow-list-detail.php show_id or view-product.php pid parameter.

by Ihsan Sencan

CVSS 9.8

View

CVE-2017-18047 EXPLOITDB CRITICAL python

Labf Nfsaxe - Memory Corruption

Buffer Overflow in the FTP client in LabF nfsAxe 3.7 allows remote FTP servers to execute arbitrary code via a long reply.

by wetw0rk

CVSS 9.8

View

CVE-2017-14742 EXPLOITDB CRITICAL python

LabF nfsAxe FTP client <3.7 - RCE

Buffer overflow in LabF nfsAxe FTP client 3.7 allows an attacker to execute code remotely.

by wetw0rk

CVSS 9.8

View

CVE-2017-17592 EXPLOITDB CRITICAL text VERIFIED

Website Auction Marketplace - SQL Injection

Website Auction Marketplace 2.0.5 has SQL Injection via the search.php cat_id parameter.

by Ihsan Sencan

CVSS 9.8

View

CVE-2017-17593 EXPLOITDB HIGH text VERIFIED

Simple Chatting System - Unrestricted File Upload

Simple Chatting System 1.0 allows Arbitrary File Upload via view/my_profile.php, which places files under uploads/.

by Ihsan Sencan

CVSS 7.5

View

CVE-2017-17591 EXPLOITDB CRITICAL text VERIFIED

Realestate Crowdfunding Script - SQL Injection

Realestate Crowdfunding Script 2.7.2 has SQL Injection via the single-cause.php pid parameter.

by Ihsan Sencan

CVSS 9.8

View

CVE-2017-17597 EXPLOITDB CRITICAL text

Nearbuy Clone Script - SQL Injection

Nearbuy Clone Script 3.2 has SQL Injection via the category_list.php search parameter.

by Ihsan Sencan

CVSS 9.8

View

By Source

Exploitdb 49,996

By Language