Vulnerabilities > Fortunescripts

DATE CVE VULNERABILITY TITLE RISK
2017-12-27 CVE-2017-17904 Cross-site Scripting vulnerability in Fortunescripts Lynda Clone 1.0
FS Lynda Clone has XSS via the keywords parameter to tutorial/ or the edit_profile_first_name parameter to user/edit_profile.
3.5
2017-12-27 CVE-2017-17903 Cross-Site Request Forgery (CSRF) vulnerability in Fortunescripts Lynda Clone 1.0
FS Lynda Clone has CSRF via user/edit_profile, as demonstrated by adding content to the user panel.
6.8
2017-12-18 CVE-2017-17643 SQL Injection vulnerability in Fortunescripts Lynda Clone 1.0
FS Lynda Clone 1.0 has SQL Injection via the keywords parameter to tutorial/.
network
low complexity
fortunescripts CWE-89
7.5
2017-12-13 CVE-2017-17589 SQL Injection vulnerability in Fortunescripts Thumbtack Clone 1.0
FS Thumbtack Clone 1.0 has SQL Injection via the browse-category.php cat parameter or the browse-scategory.php sc parameter.
network
low complexity
fortunescripts CWE-89
7.5
2017-12-13 CVE-2017-17588 SQL Injection vulnerability in Fortunescripts Imdb Clone 1.0
FS IMDB Clone 1.0 has SQL Injection via the movie.php f parameter, tvshow.php s parameter, or show_misc_video.php id parameter.
network
low complexity
fortunescripts CWE-89
7.5
2017-12-13 CVE-2017-17587 SQL Injection vulnerability in Fortunescripts Indiamart Clone 1.0
FS Indiamart Clone 1.0 has SQL Injection via the catcompany.php token parameter, buyleads-details.php id parameter, or company/index.php c parameter.
network
low complexity
fortunescripts CWE-89
7.5
2017-12-13 CVE-2017-17586 SQL Injection vulnerability in Fortunescripts OLX Clone 1.0
FS Olx Clone 1.0 has SQL Injection via the subpage.php scat parameter or the message.php pid parameter.
network
low complexity
fortunescripts CWE-89
7.5
2017-12-13 CVE-2017-17585 SQL Injection vulnerability in Fortunescripts Monster Clone 1.0
FS Monster Clone 1.0 has SQL Injection via the Employer_Details.php id parameter.
network
low complexity
fortunescripts CWE-89
7.5
2017-12-13 CVE-2017-17584 SQL Injection vulnerability in Fortunescripts Makemytrip Clone 1.0
FS Makemytrip Clone 1.0 has SQL Injection via the show-flight-result.php fl_orig or fl_dest parameter.
network
low complexity
fortunescripts CWE-89
7.5
2017-12-13 CVE-2017-17583 SQL Injection vulnerability in Fortunescripts Shutterstock Clone 1.0
FS Shutterstock Clone 1.0 has SQL Injection via the /Category keywords parameter.
network
low complexity
fortunescripts CWE-89
7.5