Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE CVE VULNERABILITY TITLE RISK
2017-12-13 CVE-2017-17622 SQL Injection vulnerability in Online Exam Test Application Script Project Online Exam Test Application Script 1.6
Online Exam Test Application Script 1.6 has SQL Injection via the exams.php sort parameter.
network
low complexity
online-exam-test-application-script-project CWE-89
critical
 9.8
9.8
2017-12-13 CVE-2017-17621 SQL Injection vulnerability in Multivendor Penny Auction Clone Script Project Multivendor Penny Auction Clone Script 1.0
Multivendor Penny Auction Clone Script 1.0 has SQL Injection via the PATH_INFO to the /detail URI.
network
low complexity
multivendor-penny-auction-clone-script-project CWE-89
critical
 9.8
9.8
2017-12-13 CVE-2017-17620 SQL Injection vulnerability in Lawyer Search Script Project Lawyer Search Script 1.1
Lawyer Search Script 1.1 has SQL Injection via the /lawyer-list city parameter.
network
low complexity
lawyer-search-script-project CWE-89
critical
 9.8
9.8
2017-12-13 CVE-2017-17619 SQL Injection vulnerability in Laundry Booking Script Project Laundry Booking Script 1.0
Laundry Booking Script 1.0 has SQL Injection via the /list city parameter.
network
low complexity
laundry-booking-script-project CWE-89
critical
 9.8
9.8
2017-12-13 CVE-2017-17618 SQL Injection vulnerability in Kickstarter Clone Script Project Kickstarter Clone Script 2.0
Kickstarter Clone Script 2.0 has SQL Injection via the investcalc.php projid parameter.
network
low complexity
kickstarter-clone-script-project CWE-89
critical
 9.8
9.8
2017-12-13 CVE-2017-17617 SQL Injection vulnerability in Foodspotting Clone Script Project Foodspotting Clone Script 1.0
Foodspotting Clone Script 1.0 has SQL Injection via the quicksearch.php q parameter.
network
low complexity
foodspotting-clone-script-project CWE-89
critical
 9.8
9.8
2017-12-13 CVE-2017-17616 SQL Injection vulnerability in Event Calendar Category Script Project Event Calendar Category Script 1.0
Event Search Script 1.0 has SQL Injection via the /event-list city parameter.
network
low complexity
event-calendar-category-script-project CWE-89
critical
 9.8
9.8
2017-12-13 CVE-2017-17615 SQL Injection vulnerability in Facebook Clone Script Project Facebook Clone Script 1.0
Facebook Clone Script 1.0 has SQL Injection via the friend-profile.php id parameter.
network
low complexity
facebook-clone-script-project CWE-89
8.8
8.8
2017-12-13 CVE-2017-17614 SQL Injection vulnerability in Hotel Restaurant Reviews and Feedback Script Project Hotel Restaurant Reviews and Feedback Script 1.0
Food Order Script 1.0 has SQL Injection via the /list city parameter. 		9.8
9.8
2017-12-13 CVE-2017-17613 SQL Injection vulnerability in Freelance Website Script Project Freelance Website Script 2.0.6
Freelance Website Script 2.0.6 has SQL Injection via the jobdetails.php pr_id parameter or the searchbycat_list.php catid parameter.
network
low complexity
freelance-website-script-project CWE-89
critical
 9.8
9.8