Critical Vulnerabilities with Public Exploits

Updated 4h ago

Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

346,402 CVEs tracked 53,629 with exploits 4,859 exploited in wild 1,583 CISA KEV 4,077 Nuclei templates 52,301 vendors 43,863 researchers

4,101 results Clear all

CVE-2017-17630 9.8 CRITICAL 1 PoC Analysis EPSS 0.03

Yoga Class Script - SQL Injection

Yoga Class Script 1.0 has SQL Injection via the /list city parameter.

CWE-89 Dec 13, 2017

CVE-2017-17629 9.8 CRITICAL 1 PoC Analysis EPSS 0.03

Secure E-commerce Script - SQL Injection

Secure E-commerce Script 2.0.1 has SQL Injection via the category.php searchmain or searchcat parameter, or the single_detail.php sid parameter.

CWE-89 Dec 13, 2017

CVE-2017-17628 9.8 CRITICAL 1 PoC Analysis EPSS 0.03

Responsive Realestate Script - SQL Injection

Responsive Realestate Script 3.2 has SQL Injection via the property-list tbud parameter.

CWE-89 Dec 13, 2017

CVE-2017-17627 9.8 CRITICAL 1 PoC Analysis EPSS 0.03

Readymade Video Sharing Script - SQL Injection

Readymade Video Sharing Script 3.2 has SQL Injection via the single-video-detail.php report_videos array parameter.

CWE-89 Dec 13, 2017

CVE-2017-17626 9.8 CRITICAL 1 PoC Analysis EPSS 0.03

Readymade Php Classified Script - SQL Injection

Readymade PHP Classified Script 3.3 has SQL Injection via the /categories subctid or mctid parameter.

CWE-89 Dec 13, 2017

CVE-2017-17625 9.8 CRITICAL 1 PoC Analysis EPSS 0.02

ON Demand Marketplace Script - SQL Injection

Professional Service Script 1.0 has SQL Injection via the service-list city parameter.

CWE-89 Dec 13, 2017

CVE-2017-17624 9.8 CRITICAL 1 PoC Analysis EPSS 0.03

Php Multivendor Ecommerce - SQL Injection

PHP Multivendor Ecommerce 1.0 has SQL Injection via the single_detail.php sid parameter, or the category.php searchcat or chid1 parameter.

CWE-89 Dec 13, 2017

CVE-2017-17623 9.8 CRITICAL 1 PoC Analysis EPSS 0.03

Opensource Classified Ads Script - SQL Injection

Opensource Classified Ads Script 3.2 has SQL Injection via the advance_result.php keyword parameter.

CWE-89 Dec 13, 2017

CVE-2017-17622 9.8 CRITICAL 1 PoC Analysis EPSS 0.04

Online Exam Test Application Script - SQL Injection

Online Exam Test Application Script 1.6 has SQL Injection via the exams.php sort parameter.

CWE-89 Dec 13, 2017

CVE-2017-17621 9.8 CRITICAL 1 PoC Analysis EPSS 0.04

Multivendor Penny Auction Clone Script - SQL Injection

Multivendor Penny Auction Clone Script 1.0 has SQL Injection via the PATH_INFO to the /detail URI.

CWE-89 Dec 13, 2017

CVE-2017-17620 9.8 CRITICAL 1 PoC Analysis EPSS 0.03

Lawyer Search Script - SQL Injection

Lawyer Search Script 1.1 has SQL Injection via the /lawyer-list city parameter.

CWE-89 Dec 13, 2017

CVE-2017-17619 9.8 CRITICAL 1 PoC Analysis EPSS 0.04

Laundry Booking Script - SQL Injection

Laundry Booking Script 1.0 has SQL Injection via the /list city parameter.

CWE-89 Dec 13, 2017

CVE-2017-17618 9.8 CRITICAL 1 PoC Analysis EPSS 0.03

Kickstarter Clone Script - SQL Injection

Kickstarter Clone Script 2.0 has SQL Injection via the investcalc.php projid parameter.

CWE-89 Dec 13, 2017

CVE-2017-17617 9.8 CRITICAL 1 PoC Analysis EPSS 0.03

Foodspotting Clone Script - SQL Injection

Foodspotting Clone Script 1.0 has SQL Injection via the quicksearch.php q parameter.

CWE-89 Dec 13, 2017

CVE-2017-17614 9.8 CRITICAL 1 PoC Analysis EPSS 0.03

Hotel Restaurant Reviews And Feedback Script - SQL Injection

Food Order Script 1.0 has SQL Injection via the /list city parameter.

CWE-89 Dec 13, 2017

CVE-2017-17613 9.8 CRITICAL 1 PoC Analysis EPSS 0.03

Freelance Website Script - SQL Injection

Freelance Website Script 2.0.6 has SQL Injection via the jobdetails.php pr_id parameter or the searchbycat_list.php catid parameter.

CWE-89 Dec 13, 2017

CVE-2017-17604 9.8 CRITICAL 1 PoC Analysis EPSS 0.03

Entrepreneur Bus Booking Script - SQL Injection

Entrepreneur Bus Booking Script 3.0.4 has SQL Injection via the booker_details.php sourcebus parameter.

CWE-89 Dec 13, 2017

CVE-2017-17603 9.8 CRITICAL 1 PoC Analysis EPSS 0.03

Advanced Real Estate Script - SQL Injection

Advanced Real Estate Script 4.0.7 has SQL Injection via the search-results.php Projectmain, proj_type, searchtext, sell_price, or maxprice parameter.

CWE-89 Dec 13, 2017

CVE-2017-17602 9.8 CRITICAL 1 PoC Analysis EPSS 0.03

Advance B2b Script - SQL Injection

Advance B2B Script 2.1.3 has SQL Injection via the tradeshow-list-detail.php show_id or view-product.php pid parameter.

CWE-89 Dec 13, 2017

CVE-2017-17600 9.8 CRITICAL 1 PoC Analysis EPSS 0.03

Basic B2b Script - SQL Injection

Basic B2B Script 2.0.8 has SQL Injection via the product_details.php id parameter.

CWE-89 Dec 13, 2017