CVE-2017-17651

Paid To Read Script 2.0.5 has SQL Injection via the admin/userview.php uid parameter, the admin/viewemcamp.php fnum parameter, or the admin/viewvisitcamp.php fn parameter.
References
Link Resource
https://packetstormsecurity.com/files/145439/Paid-To-Read-Script-2.0.5-SQL-Injection.html Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/43334/ Exploit Third Party Advisory VDB Entry
https://packetstormsecurity.com/files/145439/Paid-To-Read-Script-2.0.5-SQL-Injection.html Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/43334/ Exploit Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:paid_to_read_script_project:paid_to_read_script:2.0.5:*:*:*:*:*:*:*

History

21 Nov 2024, 03:18

Type Values Removed Values Added
References () https://packetstormsecurity.com/files/145439/Paid-To-Read-Script-2.0.5-SQL-Injection.html - Exploit, Third Party Advisory, VDB Entry () https://packetstormsecurity.com/files/145439/Paid-To-Read-Script-2.0.5-SQL-Injection.html - Exploit, Third Party Advisory, VDB Entry
References () https://www.exploit-db.com/exploits/43334/ - Exploit, Third Party Advisory, VDB Entry () https://www.exploit-db.com/exploits/43334/ - Exploit, Third Party Advisory, VDB Entry

Information

Published : 2017-12-18 09:29

Updated : 2024-11-21 03:18


NVD link : CVE-2017-17651

Mitre link : CVE-2017-17651

CVE.ORG link : CVE-2017-17651


JSON object : View

Products Affected

paid_to_read_script_project

  • paid_to_read_script
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')