Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE CVE VULNERABILITY TITLE RISK
2017-12-13 CVE-2017-17616 SQL Injection vulnerability in Event Calendar Category Script Project Event Calendar Category Script 1.0
Event Search Script 1.0 has SQL Injection via the /event-list city parameter.
network
low complexity
event-calendar-category-script-project CWE-89
critical
9.8
2017-12-13 CVE-2017-17615 SQL Injection vulnerability in Facebook Clone Script Project Facebook Clone Script 1.0
Facebook Clone Script 1.0 has SQL Injection via the friend-profile.php id parameter.
network
low complexity
facebook-clone-script-project CWE-89
8.8
2017-12-13 CVE-2017-17614 SQL Injection vulnerability in Hotel Restaurant Reviews and Feedback Script Project Hotel Restaurant Reviews and Feedback Script 1.0
Food Order Script 1.0 has SQL Injection via the /list city parameter.
9.8
2017-12-13 CVE-2017-17613 SQL Injection vulnerability in Freelance Website Script Project Freelance Website Script 2.0.6
Freelance Website Script 2.0.6 has SQL Injection via the jobdetails.php pr_id parameter or the searchbycat_list.php catid parameter.
network
low complexity
freelance-website-script-project CWE-89
critical
9.8
2017-12-13 CVE-2017-17612 SQL Injection vulnerability in HOT Scripts Clone Project HOT Scripts Clone 3.1
Hot Scripts Clone 3.1 has SQL Injection via the /categories subctid or mctid parameter.
network
low complexity
hot-scripts-clone-project CWE-89
critical
9.8
2017-12-13 CVE-2017-17611 SQL Injection vulnerability in Doctor Search Script Project Doctor Search Script 1.0
Doctor Search Script 1.0 has SQL Injection via the /list city parameter.
network
low complexity
doctor-search-script-project CWE-89
critical
9.8
2017-12-13 CVE-2017-17610 SQL Injection vulnerability in E-Commerce MLM Software Project E-Commerce MLM Software 1.0
E-commerce MLM Software 1.0 has SQL Injection via the service_detail.php pid parameter, event_detail.php eventid parameter, or news_detail.php newid parameter.
network
low complexity
e-commerce-mlm-software-project CWE-89
critical
9.8
2017-12-13 CVE-2017-17609 SQL Injection vulnerability in Chartered Accountant Booking Script Project Chartered Accountant Booking Script 1.0
Chartered Accountant Booking Script 1.0 has SQL Injection via the /service-list city parameter.
network
low complexity
chartered-accountant-booking-script-project CWE-89
critical
9.8
2017-12-13 CVE-2017-17608 SQL Injection vulnerability in Kindergarten - Elementary School Listing Script Project Kindergarten - Elementary School Listing Script 1.0
Child Care Script 1.0 has SQL Injection via the /list city parameter.
9.8
2017-12-13 CVE-2017-17607 SQL Injection vulnerability in CMS Auditor Website Project CMS Auditor Website 1.0
CMS Auditor Website 1.0 has SQL Injection via the PATH_INFO to /news-detail.
network
low complexity
cms-auditor-website-project CWE-89
critical
9.8