Chartered Accountant Booking Script 1.0 has SQL Injection via the /service-list city parameter.

Child Care Script 1.0 has SQL Injection via the /list city parameter.

CMS Auditor Website 1.0 has SQL Injection via the PATH_INFO to /news-detail.

Co-work Space Search Script 1.0 has SQL Injection via the /list city parameter.

Consumer Complaints Clone Script 1.0 has SQL Injection via the other-user-profile.php id parameter.

Entrepreneur Bus Booking Script 3.0.4 has SQL Injection via the booker_details.php sourcebus parameter.

Advanced Real Estate Script 4.0.7 has SQL Injection via the search-results.php Projectmain, proj_type, searchtext, sell_price, or maxprice parameter.

Advance B2B Script 2.1.3 has SQL Injection via the tradeshow-list-detail.php show_id or view-product.php pid parameter.

Cab Booking Script 1.0 has SQL Injection via the /service-list city parameter.

Basic B2B Script 2.0.8 has SQL Injection via the product_details.php id parameter.

Advance Online Learning Management Script 3.1 has SQL Injection via the courselist.php subcatid or popcourseid parameter.

Affiliate MLM Script 1.0 has SQL Injection via the product-category.php key parameter.

Nearbuy Clone Script 3.2 has SQL Injection via the category_list.php search parameter.

Entrepreneur Job Portal Script 2.0.6 has SQL Injection via the jobsearch_all.php rid1 parameter.

Beauty Parlour Booking Script 1.0 has SQL Injection via the /list gender or city parameter.

DomainSale PHP Script 1.0 has SQL Injection via the domain.php id parameter.

Simple Chatting System 1.0 allows Arbitrary File Upload via view/my_profile.php, which places files under uploads/.

Website Auction Marketplace 2.0.5 has SQL Injection via the search.php cat_id parameter.

Realestate Crowdfunding Script 2.7.2 has SQL Injection via the single-cause.php pid parameter.

FS Stackoverflow Clone 1.0 has SQL Injection via the /question keywords parameter.