| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Co-work Space Search Script 1.0 has SQL Injection via the /list city parameter. |
| In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read that will cause a remote denial of service attack, related to a while loop in paste_tokens in asm/preproc.c. |
| In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_getline in asm/preproc.c that will cause a remote denial of service attack. |
| Basic B2B Script 2.0.8 has SQL Injection via the product_details.php id parameter. |
| The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750. |
| IBM WebSphere MQ 7.5, 8.0, and 9.0 could allow a local user to crash the queue manager agent thread and expose some sensitive information. IBM X-Force ID: 126454. |
| Affiliate MLM Script 1.0 has SQL Injection via the product-category.php key parameter. |
| SuperBeam through 4.1.3, when using the LAN or WiFi Direct Share feature, does not use HTTPS or any integrity-protection mechanism for file transfer, which makes it easier for remote attackers to send crafted files, as demonstrated by APK injection. |
| Weak access controls in the Device Logout functionality on the TP-Link TL-SG108E v1.0.0 allow remote attackers to call the logout functionality, triggering a denial of service condition. |
| DomainSale PHP Script 1.0 has SQL Injection via the domain.php id parameter. |
| Simple Chatting System 1.0 allows Arbitrary File Upload via view/my_profile.php, which places files under uploads/. |
| FS Stackoverflow Clone 1.0 has SQL Injection via the /question keywords parameter. |
| FS Thumbtack Clone 1.0 has SQL Injection via the browse-category.php cat parameter or the browse-scategory.php sc parameter. |
| protobuf allows remote authenticated attackers to cause a heap-based buffer overflow. |
| FS Indiamart Clone 1.0 has SQL Injection via the catcompany.php token parameter, buyleads-details.php id parameter, or company/index.php c parameter. |
| Readymade Video Sharing Script 3.2 has HTML Injection via the single-video-detail.php comment parameter. |
| Advanced World Database 2.0.5 has SQL Injection via the city.php country or state parameter, or the state.php country parameter. |
| MLM Forex Market Plan Script 2.0.4 has SQL Injection via the news_detail.php newid parameter or the event_detail.php eventid parameter. |
| Multireligion Responsive Matrimonial 4.7.2 has SQL Injection via the success-story.php succid parameter. |
| FS Monster Clone 1.0 has SQL Injection via the Employer_Details.php id parameter. |
