Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2017-12-13 CVE-2017-17573 SQL Injection vulnerability in Fortunescripts Ebay Clone 1.0
FS Ebay Clone 1.0 has SQL Injection via the product.php id parameter, or the search.php category_id or sub_category_id parameter.
network
low complexity
fortunescripts CWE-89
critical
9.8
2017-12-13 CVE-2017-17572 SQL Injection vulnerability in Amazon Clone Project Amazon Clone 1.0
FS Amazon Clone 1.0 has SQL Injection via the PATH_INFO to /VerAyari.
network
low complexity
amazon-clone-project CWE-89
critical
9.8
2017-12-13 CVE-2017-17571 SQL Injection vulnerability in Foodpanda Clone Project Foodpanda Clone 1.0
FS Foodpanda Clone 1.0 has SQL Injection via the /food keywords parameter.
network
low complexity
foodpanda-clone-project CWE-89
critical
9.8
2017-12-13 CVE-2017-17570 SQL Injection vulnerability in Expedia Clone Project Expedia Clone 1.0
FS Expedia Clone 1.0 has SQL Injection via the pages.php or content.php id parameter, or the show-flight-result.php fl_orig or fl_dest parameter.
network
low complexity
expedia-clone-project CWE-89
critical
9.8
2017-12-12 CVE-2017-11899 Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016
Device Guard in Windows 10 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows a security feature bypass vulnerability due to the way untrusted files are handled, aka "Microsoft Windows Security Feature Bypass Vulnerability".
network
low complexity
microsoft
critical
9.8
2017-12-12 CVE-2017-17560 Improper Authentication vulnerability in Western Digital My Cloud PR4100 Firmware 2.30.172
An issue was discovered on Western Digital MyCloud PR4100 2.30.172 devices.
network
low complexity
westerndigital CWE-287
critical
9.8
2017-12-12 CVE-2017-16684 Improper Authentication vulnerability in SAP Business Intelligence Promotion Management Application 4.10/4.20/4.30
SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, and 4.30, does not perform authentication checks for functionalities that require user identity.
network
low complexity
sap CWE-287
critical
9.8
2017-12-11 CVE-2017-15896 Unspecified vulnerability in Node.js
Node.js was affected by OpenSSL vulnerability CVE-2017-3737 in regards to the use of SSL_read() due to TLS handshake failure.
network
low complexity
nodejs
critical
9.1
2017-12-11 CVE-2017-17111 SQL Injection vulnerability in Scubez Posty Readymade Classifieds 1.0
Posty Readymade Classifieds Script 1.0 allows an attacker to inject SQL commands via a listings.php?catid= or ads-details.php?ID= request.
network
low complexity
scubez CWE-89
critical
9.8
2017-12-11 CVE-2017-17110 SQL Injection vulnerability in Techno - Portfolio Management Panel Project Techno - Portfolio Management Panel 20171116
Techno Portfolio Management Panel 1.0 allows an attacker to inject SQL commands via a single.php?id= request.
network
low complexity
techno-portfolio-management-panel-project CWE-89
critical
9.8