cvedb.io
CVE-2017-17640
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2017-12-13T09:29:03.090 · Last modified 2026-06-17T01:11:25.577

Summary

Advanced World Database 2.0.5 has SQL Injection via the city.php country or state parameter, or the state.php country parameter.

Affected products

advanced_world_database_project — advanced_world_database

Does this affect you?

Add your gear to cvedb and we'll alert you only when advanced_world_database_project ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.