Özkan Mustafa Akkuş (AkkuS)

59 exploits Active since Nov 2018
CVE-2018-19799 EXPLOITDB MEDIUM text WORKING POC
Dolibarr ERP/CRM <8.0.3 - XSS
Dolibarr ERP/CRM through 8.0.3 has /exports/export.php?datatoexport= XSS.
CVSS 6.1
EIP-2026-106720 EXPLOITDB text WORKING POC
easyLetters 1.0 - 'id' SQL Injection
EIP-2026-106695 EXPLOITDB text WORKING POC
Easy File Uploader 1.7 - SQL Injection / Cross-Site Scripting
EIP-2026-105590 EXPLOITDB text WORKING POC
BookingWizz Booking System 5.5 - 'id' SQL Injection
EIP-2026-105055 EXPLOITDB text WORKING POC
Ajax Full Featured Calendar 2.0 - 'search' SQL Injection
EIP-2026-105369 EXPLOITDB text WORKING POC
Baby Names Search Engine 1.0 - 'a' SQL Injection
EIP-2026-103304 EXPLOITDB text WORKING POC
NewsBee CMS 1.4 - 'home-text-edit.php' SQL Injection
CVE-2019-13597 EXPLOITDB CRITICAL python WORKING POC
Sahi Pro 8.0.0 - Command Injection
_s_/sprm/_s_/dyn/Player_setScriptFile in Sahi Pro 8.0.0 allows command execution. It allows one to run ".sah" scripts via Sahi Launcher. Also, one can create a new script with an editor. It is possible to execute commands on the server using the _execute() function.
CVSS 9.8
CVE-2018-20503 EXPLOITDB MEDIUM text WORKING POC
Alliedtelesis 8100l/8 Firmware - XSS
Allied Telesis 8100L/8 devices allow XSS via the edit-ipv4_interface.php vlanid or subnet_mask parameter.
CVSS 6.1