Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE CVE VULNERABILITY TITLE RISK
2017-12-13 CVE-2017-17606 SQL Injection vulnerability in Co-Work Space Search Script Project Co-Work Space Search Script 1.0
Co-work Space Search Script 1.0 has SQL Injection via the /list city parameter.
network
low complexity
co-work-space-search-script-project CWE-89
critical
9.8
2017-12-13 CVE-2017-17605 SQL Injection vulnerability in Consumer Complaints Clone Script Project Consumer Complaints Clone Script 1.0
Consumer Complaints Clone Script 1.0 has SQL Injection via the other-user-profile.php id parameter.
network
low complexity
consumer-complaints-clone-script-project CWE-89
critical
9.8
2017-12-13 CVE-2017-17604 SQL Injection vulnerability in Entrepreneur BUS Booking Script Project Entrepreneur BUS Booking Script 3.0.4
Entrepreneur Bus Booking Script 3.0.4 has SQL Injection via the booker_details.php sourcebus parameter.
network
low complexity
entrepreneur-bus-booking-script-project CWE-89
critical
9.8
2017-12-13 CVE-2017-17603 SQL Injection vulnerability in Advanced Real Estate Script Project Advanced Real Estate Script 4.0.7
Advanced Real Estate Script 4.0.7 has SQL Injection via the search-results.php Projectmain, proj_type, searchtext, sell_price, or maxprice parameter.
network
low complexity
advanced-real-estate-script-project CWE-89
critical
9.8
2017-12-13 CVE-2017-17602 SQL Injection vulnerability in Advance B2B Script Project Advance B2B Script 2.1.3
Advance B2B Script 2.1.3 has SQL Injection via the tradeshow-list-detail.php show_id or view-product.php pid parameter.
network
low complexity
advance-b2b-script-project CWE-89
critical
9.8
2017-12-13 CVE-2017-17601 SQL Injection vulnerability in CAB Booking Script Project CAB Booking Script 1.0
Cab Booking Script 1.0 has SQL Injection via the /service-list city parameter.
network
low complexity
cab-booking-script-project CWE-89
critical
9.8
2017-12-13 CVE-2017-17600 SQL Injection vulnerability in Basic B2B Script Project Basic B2B Script 2.0.8
Basic B2B Script 2.0.8 has SQL Injection via the product_details.php id parameter.
network
low complexity
basic-b2b-script-project CWE-89
critical
9.8
2017-12-13 CVE-2017-17599 SQL Injection vulnerability in Advance Online Learning Management Script Project Advance Online Learning Management Script 3.1
Advance Online Learning Management Script 3.1 has SQL Injection via the courselist.php subcatid or popcourseid parameter.
9.8
2017-12-13 CVE-2017-17598 SQL Injection vulnerability in Affiliate MLM Script Project Affiliate MLM Script 1.0
Affiliate MLM Script 1.0 has SQL Injection via the product-category.php key parameter.
network
low complexity
affiliate-mlm-script-project CWE-89
critical
9.8
2017-12-13 CVE-2017-17597 SQL Injection vulnerability in Nearbuy Clone Script Project Nearbuy Clone Script 3.2
Nearbuy Clone Script 3.2 has SQL Injection via the category_list.php search parameter.
network
low complexity
nearbuy-clone-script-project CWE-89
critical
9.8