Search Results (19635 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-17610 1 E-commerce Mlm Software Project 1 E-commerce Mlm Software 2025-04-20 N/A
E-commerce MLM Software 1.0 has SQL Injection via the service_detail.php pid parameter, event_detail.php eventid parameter, or news_detail.php newid parameter.
CVE-2017-17892 1 Readymade Video Sharing Script Project 1 Readymade Video Sharing Script 2025-04-20 N/A
Readymade Video Sharing Script has SQL Injection via the viewsubs.php chnlid parameter or the search_video.php search parameter.
CVE-2017-17615 1 Facebook Clone Script Project 1 Facebook Clone Script 2025-04-20 N/A
Facebook Clone Script 1.0 has SQL Injection via the friend-profile.php id parameter.
CVE-2017-17622 1 Online Exam Test Application Script Project 1 Online Exam Test Application Script 2025-04-20 N/A
Online Exam Test Application Script 1.6 has SQL Injection via the exams.php sort parameter.
CVE-2017-17623 1 Opensource Classified Ads Script Project 1 Opensource Classified Ads Script 2025-04-20 N/A
Opensource Classified Ads Script 3.2 has SQL Injection via the advance_result.php keyword parameter.
CVE-2017-17624 1 Php Multivendor Ecommerce Project 1 Php Multivendor Ecommerce 2025-04-20 N/A
PHP Multivendor Ecommerce 1.0 has SQL Injection via the single_detail.php sid parameter, or the category.php searchcat or chid1 parameter.
CVE-2017-17627 1 Readymade Video Sharing Script Project 1 Readymade Video Sharing Script 2025-04-20 N/A
Readymade Video Sharing Script 3.2 has SQL Injection via the single-video-detail.php report_videos array parameter.
CVE-2017-17629 1 Secure E-commerce Script Project 1 Secure E-commerce Script 2025-04-20 N/A
Secure E-commerce Script 2.0.1 has SQL Injection via the category.php searchmain or searchcat parameter, or the single_detail.php sid parameter.
CVE-2017-17643 1 Lynda Clone Project 1 Lynda Clone 2025-04-20 9.8 Critical
FS Lynda Clone 1.0 has SQL Injection via the keywords parameter to tutorial/.
CVE-2017-17645 1 Phpautoclassifiedscript 1 Bus Booking Script 2025-04-20 N/A
Bus Booking Script 1.0 has SQL Injection via the txtname parameter to admin/index.php.
CVE-2017-17648 1 Entrepreneur Dating Script Project 1 Entrepreneur Dating Script 2025-04-20 N/A
Entrepreneur Dating Script 2.0.1 has SQL Injection via the search_result.php marital, gender, country, or profileid parameter.
CVE-2017-17651 1 Paid To Read Script Project 1 Paid To Read Script 2025-04-20 N/A
Paid To Read Script 2.0.5 has SQL Injection via the admin/userview.php uid parameter, the admin/viewemcamp.php fnum parameter, or the admin/viewvisitcamp.php fn parameter.
CVE-2017-2241 2 Apple, Hammock 2 Mac Os X, Assetview 2025-04-20 N/A
SQL injection vulnerability in the AssetView for MacOS Ver.9.2.0 and earlier versions allows remote attackers to execute arbitrary SQL commands via "File Transfer Web Service".
CVE-2017-15907 1 Phpcollab 1 Phpcollab 2025-04-20 N/A
SQL injection vulnerability in phpCollab 2.5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter to newsdesk/newsdesk.php.
CVE-2017-17695 1 Techno - Portfolio Management Panel Project 1 Techno - Portfolio Management Panel 2025-04-20 N/A
Techno - Portfolio Management Panel through 2017-11-16 allows SQL Injection via the panel/search.php s parameter.
CVE-2017-15919 1 Accesspressthemes 1 Ultimate-form-builder-lite 2025-04-20 N/A
The ultimate-form-builder-lite plugin before 1.3.7 for WordPress has SQL Injection, with resultant PHP Object Injection, via wp-admin/admin-ajax.php.
CVE-2017-15949 1 Angry-frog 1 Xavier 2025-04-20 N/A
Xavier PHP Management Panel 2.4 allows SQL injection via the usertoedit parameter to admin/adminuseredit.php or the log_id parameter to admin/editgroup.php.
CVE-2017-15972 1 Softdatepro 1 Dating Software 2025-04-20 N/A
SoftDatepro Dating Social Network 1.3 allows SQL Injection via the viewprofile.php profid parameter, the viewmessage.php sender_id parameter, or the /admin Email field, a related issue to CVE-2017-15971.
CVE-2017-17721 1 Zuuse 1 Beims Contractorweb .net 2025-04-20 N/A
CWEBNET/WOSummary/List in ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allows SQL injection via the tradestatus, assetno, assignto, building, domain, jobtype, site, trade, woType, workorderno, or workorderstatus parameter.
CVE-2017-15974 1 Datacomponents 1 Tpanel 2025-04-20 N/A
tPanel 2009 allows SQL injection for Authentication Bypass via 'or 1=1 or ''=' to login.php.