Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE CVE VULNERABILITY TITLE RISK
2017-12-13 CVE-2017-17626 SQL Injection vulnerability in Readymade PHP Classified Script Project Readymade PHP Classified Script 3.3
Readymade PHP Classified Script 3.3 has SQL Injection via the /categories subctid or mctid parameter.
network
low complexity
readymade-php-classified-script-project CWE-89
critical
9.8
2017-12-13 CVE-2017-17625 SQL Injection vulnerability in on Demand Marketplace Script Project on Demand Marketplace Script 1.0
Professional Service Script 1.0 has SQL Injection via the service-list city parameter.
network
low complexity
on-demand-marketplace-script-project CWE-89
critical
9.8
2017-12-13 CVE-2017-17624 SQL Injection vulnerability in PHP Multivendor Ecommerce Project PHP Multivendor Ecommerce 1.0
PHP Multivendor Ecommerce 1.0 has SQL Injection via the single_detail.php sid parameter, or the category.php searchcat or chid1 parameter.
network
low complexity
php-multivendor-ecommerce-project CWE-89
critical
9.8
2017-12-13 CVE-2017-17623 SQL Injection vulnerability in Opensource Classified ADS Script Project Opensource Classified ADS Script 3.2
Opensource Classified Ads Script 3.2 has SQL Injection via the advance_result.php keyword parameter.
network
low complexity
opensource-classified-ads-script-project CWE-89
critical
9.8
2017-12-13 CVE-2017-17622 SQL Injection vulnerability in Online Exam Test Application Script Project Online Exam Test Application Script 1.6
Online Exam Test Application Script 1.6 has SQL Injection via the exams.php sort parameter.
network
low complexity
online-exam-test-application-script-project CWE-89
critical
9.8
2017-12-13 CVE-2017-17621 SQL Injection vulnerability in Multivendor Penny Auction Clone Script Project Multivendor Penny Auction Clone Script 1.0
Multivendor Penny Auction Clone Script 1.0 has SQL Injection via the PATH_INFO to the /detail URI.
network
low complexity
multivendor-penny-auction-clone-script-project CWE-89
critical
9.8
2017-12-13 CVE-2017-17620 SQL Injection vulnerability in Lawyer Search Script Project Lawyer Search Script 1.1
Lawyer Search Script 1.1 has SQL Injection via the /lawyer-list city parameter.
network
low complexity
lawyer-search-script-project CWE-89
critical
9.8
2017-12-13 CVE-2017-17619 SQL Injection vulnerability in Laundry Booking Script Project Laundry Booking Script 1.0
Laundry Booking Script 1.0 has SQL Injection via the /list city parameter.
network
low complexity
laundry-booking-script-project CWE-89
critical
9.8
2017-12-13 CVE-2017-17618 SQL Injection vulnerability in Kickstarter Clone Script Project Kickstarter Clone Script 2.0
Kickstarter Clone Script 2.0 has SQL Injection via the investcalc.php projid parameter.
network
low complexity
kickstarter-clone-script-project CWE-89
critical
9.8
2017-12-13 CVE-2017-17617 SQL Injection vulnerability in Foodspotting Clone Script Project Foodspotting Clone Script 1.0
Foodspotting Clone Script 1.0 has SQL Injection via the quicksearch.php q parameter.
network
low complexity
foodspotting-clone-script-project CWE-89
critical
9.8