Critical Vulnerabilities with Public Exploits

Updated 4h ago

Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

346,402 CVEs tracked 53,629 with exploits 4,859 exploited in wild 1,583 CISA KEV 4,077 Nuclei templates 52,301 vendors 43,863 researchers

4,101 results Clear all

CVE-2017-17599 9.8 CRITICAL 1 PoC Analysis EPSS 0.03

Advance Online Learning Management Script - SQL Injection

Advance Online Learning Management Script 3.1 has SQL Injection via the courselist.php subcatid or popcourseid parameter.

CWE-89 Dec 13, 2017

CVE-2017-17598 9.8 CRITICAL 1 PoC Analysis EPSS 0.03

Affiliate Mlm Script - SQL Injection

Affiliate MLM Script 1.0 has SQL Injection via the product-category.php key parameter.

CWE-89 Dec 13, 2017

CVE-2017-17595 9.8 CRITICAL 1 PoC Analysis EPSS 0.03

Beauty Parlour Booking Script - SQL Injection

Beauty Parlour Booking Script 1.0 has SQL Injection via the /list gender or city parameter.

CWE-89 Dec 13, 2017

CVE-2017-17588 9.8 CRITICAL 1 PoC Analysis EPSS 0.02

Imdb Clone - SQL Injection

FS IMDB Clone 1.0 has SQL Injection via the movie.php f parameter, tvshow.php s parameter, or show_misc_video.php id parameter.

CWE-89 Dec 13, 2017

CVE-2017-17587 9.8 CRITICAL 1 PoC Analysis EPSS 0.02

Indiamart Clone - SQL Injection

FS Indiamart Clone 1.0 has SQL Injection via the catcompany.php token parameter, buyleads-details.php id parameter, or company/index.php c parameter.

CWE-89 Dec 13, 2017

CVE-2017-17582 9.8 CRITICAL 1 PoC Analysis EPSS 0.02

Grubhub Clone - SQL Injection

FS Grubhub Clone 1.0 has SQL Injection via the /food keywords parameter.

CWE-89 Dec 13, 2017

CVE-2017-17580 9.8 CRITICAL 1 PoC Analysis EPSS 0.02

Linkedin Clone - SQL Injection

FS Linkedin Clone 1.0 has SQL Injection via the group.php grid parameter, profile.php fid parameter, or company_details.php id parameter.

CWE-89 Dec 13, 2017

CVE-2017-17579 9.8 CRITICAL 1 PoC Analysis EPSS 0.02

Freelancer Clone - SQL Injection

FS Freelancer Clone 1.0 has SQL Injection via the profile.php u parameter.

CWE-89 Dec 13, 2017

CVE-2017-17578 9.8 CRITICAL 1 PoC Analysis EPSS 0.02

Crowdfunding Script - SQL Injection

FS Crowdfunding Script 1.0 has SQL Injection via the latest_news_details.php id parameter.

CWE-89 Dec 13, 2017

CVE-2017-17577 9.8 CRITICAL 1 PoC Analysis EPSS 0.02

Trademe Clone - SQL Injection

FS Trademe Clone 1.0 has SQL Injection via the search_item.php search parameter or the general_item_details.php id parameter.

CWE-89 Dec 13, 2017

CVE-2017-17576 9.8 CRITICAL 1 PoC Analysis EPSS 0.02

Gigs Script - SQL Injection

FS Gigs Script 1.0 has SQL Injection via the browse-category.php cat parameter, browse-scategory.php sc parameter, or service-provider.php ser parameter.

CWE-89 Dec 13, 2017

CVE-2017-17575 9.8 CRITICAL 1 PoC Analysis EPSS 0.02

Groupon Clone - SQL Injection

FS Groupon Clone 1.0 has SQL Injection via the item_details.php id parameter or the vendor_details.php id parameter.

CWE-89 Dec 13, 2017

CVE-2017-17574 9.8 CRITICAL 1 PoC Analysis EPSS 0.02

Care Clone - SQL Injection

FS Care Clone 1.0 has SQL Injection via the searchJob.php jobType or jobFrequency parameter.

CWE-89 Dec 13, 2017

CVE-2017-17573 9.8 CRITICAL 1 PoC Analysis EPSS 0.03

Fortunescripts Ebay Clone - SQL Injection

FS Ebay Clone 1.0 has SQL Injection via the product.php id parameter, or the search.php category_id or sub_category_id parameter.

CWE-89 Dec 13, 2017

CVE-2017-17572 9.8 CRITICAL 1 PoC Analysis EPSS 0.02

Amazon Clone - SQL Injection

FS Amazon Clone 1.0 has SQL Injection via the PATH_INFO to /VerAyari.

CWE-89 Dec 13, 2017

CVE-2017-17571 9.8 CRITICAL 1 PoC Analysis EPSS 0.02

Foodpanda Clone - SQL Injection

FS Foodpanda Clone 1.0 has SQL Injection via the /food keywords parameter.

CWE-89 Dec 13, 2017

CVE-2017-17570 9.8 CRITICAL 1 PoC Analysis EPSS 0.02

Expedia Clone - SQL Injection

FS Expedia Clone 1.0 has SQL Injection via the pages.php or content.php id parameter, or the show-flight-result.php fl_orig or fl_dest parameter.

CWE-89 Dec 13, 2017

CVE-2017-14742 9.8 CRITICAL 1 PoC Analysis EPSS 0.01

LabF nfsAxe FTP client <3.7 - RCE

Buffer overflow in LabF nfsAxe FTP client 3.7 allows an attacker to execute code remotely.

CWE-119 Oct 25, 2019

CVE-2017-17648 9.8 CRITICAL 1 PoC Analysis EPSS 0.01

Entrepreneur Dating Script - SQL Injection

Entrepreneur Dating Script 2.0.1 has SQL Injection via the search_result.php marital, gender, country, or profileid parameter.

CWE-89 Dec 13, 2017

CVE-2017-17616 9.8 CRITICAL 1 PoC Analysis EPSS 0.03

Event Calendar Category Script - SQL Injection

Event Search Script 1.0 has SQL Injection via the /event-list city parameter.

CWE-89 Dec 13, 2017