Search Results (19782 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2017-15966 1 Zh Yandexmap Project 1 Zh Yandexmap 2025-04-20 N/A
The Zh YandexMap (aka com_zhyandexmap) component 6.1.1.0 for Joomla! allows SQL Injection via the placemarklistid parameter to index.php.
CVE-2017-15971 1 Softdatepro 1 Same Date Pro 2025-04-20 9.8 Critical
Same Sex Dating Software Pro 1.0 allows SQL Injection via the viewprofile.php profid parameter, the viewmessage.php sender_id parameter, or the /admin Email field, a related issue to CVE-2017-15972.
CVE-2017-6492 1 Admidio 1 Admidio 2025-04-20 N/A
SQL Injection was discovered in adm_program/modules/dates/dates_function.php in Admidio 3.2.5. The POST parameter dat_cat_id is concatenated into a SQL query without any input validation/sanitization.
CVE-2017-17577 1 Trademe Clone Project 1 Trademe Clone 2025-04-20 9.8 Critical
FS Trademe Clone 1.0 has SQL Injection via the search_item.php search parameter or the general_item_details.php id parameter.
CVE-2017-17580 1 Linkedin Clone Project 1 Linkedin Clone 2025-04-20 9.8 Critical
FS Linkedin Clone 1.0 has SQL Injection via the group.php grid parameter, profile.php fid parameter, or company_details.php id parameter.
CVE-2017-17589 1 Thumbtack Clone Project 1 Thumbtack Clone 2025-04-20 9.8 Critical
FS Thumbtack Clone 1.0 has SQL Injection via the browse-category.php cat parameter or the browse-scategory.php sc parameter.
CVE-2017-17594 1 Domainsale Php Script Project 1 Domainsale Php Script 2025-04-20 N/A
DomainSale PHP Script 1.0 has SQL Injection via the domain.php id parameter.
CVE-2017-17595 1 Beauty Parlour Booking Script Project 1 Beauty Parlour Booking Script 2025-04-20 N/A
Beauty Parlour Booking Script 1.0 has SQL Injection via the /list gender or city parameter.
CVE-2017-17597 1 Nearbuy Clone Script Project 1 Nearbuy Clone Script 2025-04-20 N/A
Nearbuy Clone Script 3.2 has SQL Injection via the category_list.php search parameter.
CVE-2017-17604 1 Entrepreneur Bus Booking Script Project 1 Entrepreneur Bus Booking Script 2025-04-20 N/A
Entrepreneur Bus Booking Script 3.0.4 has SQL Injection via the booker_details.php sourcebus parameter.
CVE-2017-17610 1 E-commerce Mlm Software Project 1 E-commerce Mlm Software 2025-04-20 N/A
E-commerce MLM Software 1.0 has SQL Injection via the service_detail.php pid parameter, event_detail.php eventid parameter, or news_detail.php newid parameter.
CVE-2017-17611 1 Doctor Search Script Project 1 Doctor Search Script 2025-04-20 N/A
Doctor Search Script 1.0 has SQL Injection via the /list city parameter.
CVE-2017-17613 1 Freelance Website Script Project 1 Freelance Website Script 2025-04-20 N/A
Freelance Website Script 2.0.6 has SQL Injection via the jobdetails.php pr_id parameter or the searchbycat_list.php catid parameter.
CVE-2017-17615 1 Facebook Clone Script Project 1 Facebook Clone Script 2025-04-20 N/A
Facebook Clone Script 1.0 has SQL Injection via the friend-profile.php id parameter.
CVE-2017-17620 1 Lawyer Search Script Project 1 Lawyer Search Script 2025-04-20 N/A
Lawyer Search Script 1.1 has SQL Injection via the /lawyer-list city parameter.
CVE-2017-17627 1 Readymade Video Sharing Script Project 1 Readymade Video Sharing Script 2025-04-20 N/A
Readymade Video Sharing Script 3.2 has SQL Injection via the single-video-detail.php report_videos array parameter.
CVE-2017-17632 1 Responsive Events And Movie Ticket Booking Script Project 1 Responsive Events And Movie Ticket Booking Script 2025-04-20 N/A
Responsive Events And Movie Ticket Booking Script 3.2.1 has SQL Injection via the findcity.php q parameter.
CVE-2017-17635 1 Mlm Forex Market Plan Script Project 1 Mlm Forex Market Plan Script 2025-04-20 N/A
MLM Forex Market Plan Script 2.0.4 has SQL Injection via the news_detail.php newid parameter or the event_detail.php eventid parameter.
CVE-2017-17643 1 Lynda Clone Project 1 Lynda Clone 2025-04-20 9.8 Critical
FS Lynda Clone 1.0 has SQL Injection via the keywords parameter to tutorial/.
CVE-2017-5569 1 Eclinicalworks 1 Patient Portal 2025-04-20 N/A
An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. This is a blind SQL injection within the template.jsp, which can be exploited without the need of authentication and via an HTTP POST request, and which can be used to dump database data out to a malicious server, using an out-of-band technique such as select_loadfile().