Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2017-17580

    FS Linkedin Clone 1.0 has SQL Injection via the group.php grid parameter, profile.php fid parameter, or company_details.php id parameter.... Read more

    Affected Products : linkedin_clone
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17605

    Consumer Complaints Clone Script 1.0 has SQL Injection via the other-user-profile.php id parameter.... Read more

    Affected Products : consumer_complaints_clone_script
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17603

    Advanced Real Estate Script 4.0.7 has SQL Injection via the search-results.php Projectmain, proj_type, searchtext, sell_price, or maxprice parameter.... Read more

    Affected Products : advanced_real_estate_script
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17601

    Cab Booking Script 1.0 has SQL Injection via the /service-list city parameter.... Read more

    Affected Products : cab_booking_script
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17612

    Hot Scripts Clone 3.1 has SQL Injection via the /categories subctid or mctid parameter.... Read more

    Affected Products : hot_scripts_clone
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17634

    Single Theater Booking Script 3.2.1 has SQL Injection via the findcity.php q parameter.... Read more

    Affected Products : single_theater_booking_script
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2017-17893

    Readymade Video Sharing Script has XSS via the search_video.php search parameter, the viewsubs.php chnlid parameter, or the user-profile-edit.php fname parameter.... Read more

    Affected Products : readymade_video_sharing_script
    • Published: Dec. 27, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17618

    Kickstarter Clone Script 2.0 has SQL Injection via the investcalc.php projid parameter.... Read more

    Affected Products : kickstarter_clone_script
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17643

    FS Lynda Clone 1.0 has SQL Injection via the keywords parameter to tutorial/.... Read more

    Affected Products : lynda_clone
    • Published: Dec. 18, 2017
    • Modified: Apr. 20, 2025

  • 8.8

    HIGH
    CVE-2017-17670

    In VideoLAN VLC media player through 2.2.8, there is a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to a invalid free, because the type of a box may be changed between a read operation and a free operation.... Read more

    Affected Products : debian_linux vlc_media_player
    • Published: Dec. 15, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17617

    Foodspotting Clone Script 1.0 has SQL Injection via the quicksearch.php q parameter.... Read more

    Affected Products : foodspotting_clone_script
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17621

    Multivendor Penny Auction Clone Script 1.0 has SQL Injection via the PATH_INFO to the /detail URI.... Read more

    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17632

    Responsive Events And Movie Ticket Booking Script 3.2.1 has SQL Injection via the findcity.php q parameter.... Read more

    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17613

    Freelance Website Script 2.0.6 has SQL Injection via the jobdetails.php pr_id parameter or the searchbycat_list.php catid parameter.... Read more

    Affected Products : freelance_website_script
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 5.5

    MEDIUM
    CVE-2017-17816

    In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_getline in asm/preproc.c that will cause a remote denial of service attack.... Read more

    Affected Products : ubuntu_linux netwide_assembler nasm
    • Published: Dec. 21, 2017
    • Modified: Apr. 20, 2025

  • 6.1

    MEDIUM
    CVE-2017-17826

    The Configuration component of Piwigo 2.9.2 is vulnerable to Persistent Cross Site Scripting via the gallery_title parameter in an admin.php?page=configuration&section=main request. An attacker can exploit this to hijack a client's browser along with the ... Read more

    Affected Products : piwigo
    • Published: Dec. 21, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17639

    Muslim Matrimonial Script 3.02 has SQL Injection via the success-story.php succid parameter.... Read more

    Affected Products : muslim_matrimonial_script
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17640

    Advanced World Database 2.0.5 has SQL Injection via the city.php country or state parameter, or the state.php country parameter.... Read more

    Affected Products : advanced_world_database
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17635

    MLM Forex Market Plan Script 2.0.4 has SQL Injection via the news_detail.php newid parameter or the event_detail.php eventid parameter.... Read more

    Affected Products : mlm_forex_market_plan_script
    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025

  • 9.8

    CRITICAL
    CVE-2017-17633

    Multiplex Movie Theater Booking Script 3.1.5 has SQL Injection via the trailer-detail.php moid parameter, show-time.php moid parameter, or event-detail.php eid parameter.... Read more

    • Published: Dec. 13, 2017
    • Modified: Apr. 20, 2025
Showing 20 of 294837 Results