Security Vulnerabilities - CVEs Published In December 2017
FS Olx Clone 1.0 has SQL Injection via the subpage.php scat parameter or the message.php pid parameter.
CVSS Score
9.8
EPSS Score
0.024
Published
2017-12-13
FS Indiamart Clone 1.0 has SQL Injection via the catcompany.php token parameter, buyleads-details.php id parameter, or company/index.php c parameter.
CVSS Score
9.8
EPSS Score
0.024
Published
2017-12-13
FS IMDB Clone 1.0 has SQL Injection via the movie.php f parameter, tvshow.php s parameter, or show_misc_video.php id parameter.
CVSS Score
9.8
EPSS Score
0.024
Published
2017-12-13
FS Thumbtack Clone 1.0 has SQL Injection via the browse-category.php cat parameter or the browse-scategory.php sc parameter.
CVSS Score
9.8
EPSS Score
0.024
Published
2017-12-13
FS Stackoverflow Clone 1.0 has SQL Injection via the /question keywords parameter.
CVSS Score
9.8
EPSS Score
0.006
Published
2017-12-13
Realestate Crowdfunding Script 2.7.2 has SQL Injection via the single-cause.php pid parameter.
CVSS Score
9.8
EPSS Score
0.021
Published
2017-12-13
Website Auction Marketplace 2.0.5 has SQL Injection via the search.php cat_id parameter.
CVSS Score
9.8
EPSS Score
0.025
Published
2017-12-13
Simple Chatting System 1.0 allows Arbitrary File Upload via view/my_profile.php, which places files under uploads/.
CVSS Score
7.5
EPSS Score
0.162
Published
2017-12-13
DomainSale PHP Script 1.0 has SQL Injection via the domain.php id parameter.
CVSS Score
9.8
EPSS Score
0.025
Published
2017-12-13
Beauty Parlour Booking Script 1.0 has SQL Injection via the /list gender or city parameter.
CVSS Score
9.8
EPSS Score
0.025
Published
2017-12-13