CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2017-17928

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1590%
EPSS Percentile22.99th
Published2017年12月27日
Last Modified2026年5月13日

Vulnerability Description

PHP Scripts Mall Professional Service Script has SQL injection via the admin/review.php id parameter.

Affected Platforms (CPE)

📦
Ordermanagementscript

Professional Service Script

All versions

References & Advisories

🔗 https://github.com/d4wner/Vulnerabilities-Report/blob/master/Professional-Service-Script.md
🔗 https://github.com/d4wner/Vulnerabilities-Report/blob/master/Professional-Service-Script.md

相關漏洞威脅

CVE-2017-176259.8

Professional Service Script 1.0 has SQL Injection via the service-list city parameter.

CVE-2017-179308.8

PHP Scripts Mall Professional Service Script has CSRF via admin/general_settingupd.php, as demonstrated by modifying a setting in ...

CVE-2017-31805.4

Multiple TIBCO Products are prone to multiple unspecified cross-site scripting vulnerabilities because it fails to properly saniti...

CVE-2017-179275.3

PHP Scripts Mall Professional Service Script allows remote attackers to obtain sensitive full-path information via a crafted PATH_...