Search Results (19026 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-17598 1 Affiliate Mlm Script Project 1 Affiliate Mlm Script 2025-04-20 N/A
Affiliate MLM Script 1.0 has SQL Injection via the product-category.php key parameter.
CVE-2017-17597 1 Nearbuy Clone Script Project 1 Nearbuy Clone Script 2025-04-20 N/A
Nearbuy Clone Script 3.2 has SQL Injection via the category_list.php search parameter.
CVE-2016-0769 1 Elfden 1 Eshop Plugin 2025-04-20 N/A
Multiple SQL injection vulnerabilities in eshop-orders.php in the eShop plugin 6.3.14 for WordPress allow (1) remote administrators to execute arbitrary SQL commands via the delid parameter or remote authenticated users to execute arbitrary SQL commands via the (2) view, (3) mark, or (4) change parameter.
CVE-2017-17596 1 Entrepreneur Job Portal Script Project 1 Entrepreneur Job Portal Script 2025-04-20 N/A
Entrepreneur Job Portal Script 2.0.6 has SQL Injection via the jobsearch_all.php rid1 parameter.
CVE-2017-17589 1 Thumbtack Clone Project 1 Thumbtack Clone 2025-04-20 9.8 Critical
FS Thumbtack Clone 1.0 has SQL Injection via the browse-category.php cat parameter or the browse-scategory.php sc parameter.
CVE-2016-7789 1 Exponentcms 1 Exponent Cms 2025-04-20 N/A
SQL injection vulnerability in framework/core/models/expConfig.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the apikey parameter.
CVE-2017-17588 1 Imdb Clone Project 1 Imdb Clone 2025-04-20 9.8 Critical
FS IMDB Clone 1.0 has SQL Injection via the movie.php f parameter, tvshow.php s parameter, or show_misc_video.php id parameter.
CVE-2017-17586 1 Olx Clone Project 1 Olx Clone 2025-04-20 9.8 Critical
FS Olx Clone 1.0 has SQL Injection via the subpage.php scat parameter or the message.php pid parameter.
CVE-2017-17579 1 Freelancer Clone Project 1 Freelancer Clone 2025-04-20 9.8 Critical
FS Freelancer Clone 1.0 has SQL Injection via the profile.php u parameter.
CVE-2017-14842 1 Dasinfomedia 1 Smsmaster Multipurpose Sms Gateway 2025-04-20 N/A
Mojoomla SMSmaster Multipurpose SMS Gateway for WordPress allows SQL Injection via the id parameter.
CVE-2017-17578 1 Crowdfunding Script Project 1 Crowdfunding Script 2025-04-20 9.8 Critical
FS Crowdfunding Script 1.0 has SQL Injection via the latest_news_details.php id parameter.
CVE-2017-17577 1 Trademe Clone Project 1 Trademe Clone 2025-04-20 9.8 Critical
FS Trademe Clone 1.0 has SQL Injection via the search_item.php search parameter or the general_item_details.php id parameter.
CVE-2017-17571 1 Foodpanda Clone Project 1 Foodpanda Clone 2025-04-20 9.8 Critical
FS Foodpanda Clone 1.0 has SQL Injection via the /food keywords parameter.
CVE-2017-17570 1 Expedia Clone Project 1 Expedia Clone 2025-04-20 9.8 Critical
FS Expedia Clone 1.0 has SQL Injection via the pages.php or content.php id parameter, or the show-flight-result.php fl_orig or fl_dest parameter.
CVE-2017-6050 1 Ecava 1 Integraxor 2025-04-20 N/A
A SQL Injection issue was discovered in Ecava IntegraXor Versions 5.2.1231.0 and prior. The application fails to properly validate user input, which may allow for an unauthenticated attacker to remotely execute arbitrary code in the form of SQL queries.
CVE-2016-7783 1 Exponentcms 1 Exponent Cms 2025-04-20 N/A
SQL injection vulnerability in framework/core/models/expRecord.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter.
CVE-2017-17567 1 Scubez 1 Posty Readymade Classifieds 2025-04-20 N/A
Scubez Posty Readymade Classifieds has SQL Injection via the admin/user_activate_submit.php ID parameter.
CVE-2016-7781 1 Exponentcms 1 Exponent Cms 2025-04-20 N/A
SQL injection vulnerability in framework/modules/blog/controllers/blogController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the author parameter.
CVE-2017-6065 1 Metalgenix 1 Genixcms 2025-04-20 N/A
SQL injection vulnerability in inc/lib/Control/Backend/menus.control.php in GeniXCMS through 1.0.2 allows remote authenticated users to execute arbitrary SQL commands via the order parameter.
CVE-2014-2023 1 Tapatalk 1 Tapatalk 2025-04-20 N/A
Multiple SQL injection vulnerabilities in the Tapatalk plugin 4.9.0 and earlier and 5.x through 5.2.1 for vBulletin allow remote attackers to execute arbitrary SQL commands via a crafted xmlrpc API request to (1) unsubscribe_forum.php or (2) unsubscribe_topic.php in mobiquo/functions/.