CVE-2017-17110

CRITICAL

Techno Portfolio Management Panel 1.0 - SQL Injection

Title source: llm

Description

Techno Portfolio Management Panel 1.0 allows an attacker to inject SQL commands via a single.php?id= request.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Ihsan Sencan · textwebappsphp
https://www.exploit-db.com/exploits/43211

References (2)

Scores

CVSS v3 9.8
EPSS 0.1771
EPSS Percentile 95.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-89
Status published
Products (1)
techno_-_portfolio_management_panel_project/techno_-_portfolio_management_panel 2017-11-16
Published Dec 11, 2017
Tracked Since Feb 18, 2026