Scubez Posty Readymade Classifieds — known CVE vulnerabilities
Every CVE whose affected-product data names Scubez Posty Readymade Classifieds, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2017-17111 — CVSS 9.8 (critical): Posty Readymade Classifieds Script 1.0 allows an attacker to inject SQL commands via a listings.php?catid= or ads-details.php?ID= request.
CVE-2017-17567 — CVSS 7.5 (high): Scubez Posty Readymade Classifieds has SQL Injection via the admin/user_activate_submit.php ID parameter.
CVE-2017-17568 — CVSS 7.5 (high): Scubez Posty Readymade Classifieds has Incorrect Access Control for visiting admin/user_activate_submit.php (aka the backend PHP script)…