CVE-2017-17640
CRITICALAdvanced World Database - SQL Injection
Title source: ruleDescription
Advanced World Database 2.0.5 has SQL Injection via the city.php country or state parameter, or the state.php country parameter.
Exploits (1)
Scores
CVSS v3
9.8
EPSS
0.0251
EPSS Percentile
85.4%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-89
Status
published
Products (1)
advanced_world_database_project/advanced_world_database
2.0.5
Published
Dec 13, 2017
Tracked Since
Feb 18, 2026