Vulnerabilities > Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

DATE CVE VULNERABILITY TITLE RISK
2017-12-13 CVE-2017-17575 SQL Injection vulnerability in Groupon Clone Project Groupon Clone 1.0
FS Groupon Clone 1.0 has SQL Injection via the item_details.php id parameter or the vendor_details.php id parameter.
network
low complexity
groupon-clone-project CWE-89
critical
9.8
2017-12-13 CVE-2017-17574 SQL Injection vulnerability in Care Clone Project Care Clone 1.0
FS Care Clone 1.0 has SQL Injection via the searchJob.php jobType or jobFrequency parameter.
network
low complexity
care-clone-project CWE-89
critical
9.8
2017-12-13 CVE-2017-17573 SQL Injection vulnerability in Fortunescripts Ebay Clone 1.0
FS Ebay Clone 1.0 has SQL Injection via the product.php id parameter, or the search.php category_id or sub_category_id parameter.
network
low complexity
fortunescripts CWE-89
critical
9.8
2017-12-13 CVE-2017-17572 SQL Injection vulnerability in Amazon Clone Project Amazon Clone 1.0
FS Amazon Clone 1.0 has SQL Injection via the PATH_INFO to /VerAyari.
network
low complexity
amazon-clone-project CWE-89
critical
9.8
2017-12-13 CVE-2017-17571 SQL Injection vulnerability in Foodpanda Clone Project Foodpanda Clone 1.0
FS Foodpanda Clone 1.0 has SQL Injection via the /food keywords parameter.
network
low complexity
foodpanda-clone-project CWE-89
critical
9.8
2017-12-13 CVE-2017-17570 SQL Injection vulnerability in Expedia Clone Project Expedia Clone 1.0
FS Expedia Clone 1.0 has SQL Injection via the pages.php or content.php id parameter, or the show-flight-result.php fl_orig or fl_dest parameter.
network
low complexity
expedia-clone-project CWE-89
critical
9.8
2017-12-13 CVE-2017-17567 SQL Injection vulnerability in Scubez Posty Readymade Classifieds
Scubez Posty Readymade Classifieds has SQL Injection via the admin/user_activate_submit.php ID parameter.
network
low complexity
scubez CWE-89
7.5
2017-12-11 CVE-2017-1606 SQL Injection vulnerability in IBM Financial Transaction Manager
IBM Financial Transaction Manager (FTM) for Multi-Platform (MP) 3.0.0.0 through 3.0.0.7 is vulnerable to SQL injection.
network
low complexity
ibm CWE-89
8.8
2017-12-11 CVE-2017-17111 SQL Injection vulnerability in Scubez Posty Readymade Classifieds 1.0
Posty Readymade Classifieds Script 1.0 allows an attacker to inject SQL commands via a listings.php?catid= or ads-details.php?ID= request.
network
low complexity
scubez CWE-89
critical
9.8
2017-12-11 CVE-2017-17110 SQL Injection vulnerability in Techno - Portfolio Management Panel Project Techno - Portfolio Management Panel 20171116
Techno Portfolio Management Panel 1.0 allows an attacker to inject SQL commands via a single.php?id= request.
network
low complexity
techno-portfolio-management-panel-project CWE-89
critical
9.8