Ihsan Sencan

985 exploits Active since Sep 2017
CVE-2025-55182 NOMISEC CRITICAL WORKING POC
React Server Components <19.2.0 - RCE
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints.
1 stars
CVSS 10.0
CVE-2025-55182 NOMISEC CRITICAL WORKING POC
React Server Components <19.2.0 - RCE
A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints.
CVSS 10.0
CVE-2017-20248 EXPLOITDB HIGH text WORKING POC
WordPress Plugin Apptha Slider Gallery 1.0 Path Traversal File Download
Apptha Slider Gallery 1.0 contains a path traversal vulnerability that allows unauthenticated attackers to download arbitrary files by manipulating the imgname parameter. Attackers can send requests to asgallDownload.php with directory traversal sequences ../ to access sensitive files outside the intended directory.
CVSS 7.5
CVE-2017-20247 EXPLOITDB HIGH text WORKING POC
WordPress Plugin PICA Photo Gallery 1.0 SQL Injection
WordPress Plugin PICA Photo Gallery 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the aid parameter. Attackers can send GET requests with crafted SQL payloads in the aid parameter to extract sensitive database information including user credentials and table contents.
CVSS 8.2
CVE-2017-20250 EXPLOITDB HIGH text WORKING POC
WordPress Plugin Mac Photo Gallery 3.0 Arbitrary File Download
Mac Photo Gallery 3.0 contains a path traversal vulnerability that allows unauthenticated attackers to download arbitrary files by manipulating the albid parameter. Attackers can send requests to macdownload.php with directory traversal sequences to access sensitive files like wp-load.php outside the intended plugin directory.
CVSS 7.5
CVE-2017-20249 EXPLOITDB HIGH text WORKING POC
WordPress Plugin Apptha Slider Gallery 1.0 SQL Injection
Apptha Slider Gallery 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the albid parameter. Attackers can send GET requests with crafted SQL payloads in the albid parameter to extract sensitive database information including user credentials and authentication hashes.
CVSS 8.2
CVE-2018-25433 EXPLOITDB HIGH perl WORKING POC
Joomla Component JE Photo Gallery 1.1 - Unauthenticated SQL Injection via categoryid Parameter
Joomla Component JE Photo Gallery 1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to extract database information by injecting malicious SQL code through the categoryid parameter. Attackers can send GET requests to index.php with crafted categoryid values in the com_jephotogallery component to execute arbitrary SQL queries and retrieve sensitive data like usernames and password hashes.
CVSS 8.2
CVE-2018-25430 EXPLOITDB HIGH text WORKING POC
Paroiciel 11.20 - Authenticated SQL Injection via eGeqIdEquipe Parameter
Paroiciel 11.20 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the eGeqIdEquipe parameter. Attackers can send GET requests to the egeq.php endpoint with crafted SQL payloads to extract sensitive database information including version details and other data.
CVSS 7.1
CVE-2018-25429 EXPLOITDB HIGH text WORKING POC
Paroiciel 11.20 - Authenticated SQL Injection via zProIdPro Parameter
Paroiciel 11.20 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the zProIdPro parameter. Attackers can send GET requests to zpro.php with crafted SQL payloads in the zProIdPro parameter to extract sensitive database information including usernames, databases, and version details.
CVSS 7.1
CVE-2018-25428 EXPLOITDB HIGH text WORKING POC
Paroiciel 11.20 - Unauthenticated SQL Injection via tRecIdListe Parameter
Paroiciel 11.20 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the tRecIdListe parameter. Attackers can send GET requests to the trec.php endpoint with crafted SQL payloads to extract database information including table and column names.
CVSS 8.2
CVE-2018-25426 EXPLOITDB HIGH python WORKING POC
WinMTR 0.91 Denial of Service via Buffer Overflow
WinMTR 0.91 contains a denial of service vulnerability that allows attackers to crash the application by sending a malformed payload file containing a large buffer of repeated characters. Attackers can create a specially crafted input file with 238 bytes of data to trigger a buffer overflow condition that causes the application to crash.
CVSS 7.5
CVE-2018-25425 EXPLOITDB HIGH text WORKING POC
Yot CMS 3.3.1 - SQL Injection via aid and cid Parameters
Yot CMS 3.3.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the aid and cid parameters. Attackers can send GET requests to index.php with crafted SQL payloads in the aid or cid parameters to extract database information including table and column names.
CVSS 8.2
CVE-2018-25424 EXPLOITDB HIGH text WORKING POC
Gate Pass Management System 2.1 SQL Injection via login-exec.php
Gate Pass Management System 2.1 contains an SQL injection vulnerability that allows unauthenticated attackers to bypass authentication by injecting SQL code through the login and password parameters. Attackers can submit crafted POST requests to login-exec.php with SQL injection payloads in form parameters to authenticate without valid credentials and gain access to the application.
CVSS 8.2
CVE-2018-25421 EXPLOITDB MEDIUM text WORKING POC
Open STA Manager 2.3 Arbitrary File Download via Path Traversal
Open STA Manager 2.3 contains a path traversal vulnerability that allows authenticated users to download arbitrary files by manipulating the file parameter. Attackers can send GET requests to modules/backup/actions.php with op=getfile and traverse directories using ../ sequences to access sensitive system files.
CVSS 6.5
CVE-2018-25420 EXPLOITDB HIGH text WORKING POC
AiOPMSD Final 1.0.0 SQL Injection via watch.php
AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests to watch.php with crafted SQL payloads to extract sensitive database information including usernames, database names, and version details.
CVSS 8.2
CVE-2018-25419 EXPLOITDB HIGH text WORKING POC
AiOPMSD Final 1.0.0 SQL Injection via genre.php
AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the genre parameter. Attackers can send GET requests to genre.php with crafted SQL payloads in the genre parameter to extract sensitive database information including usernames, database names, and version details.
CVSS 8.2
CVE-2018-25418 EXPLOITDB HIGH text WORKING POC
AiOPMSD Final 1.0.0 SQL Injection via year.php
AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the year parameter. Attackers can send GET requests to year.php with crafted SQL payloads in the year parameter to extract sensitive database information including usernames, database names, and version details.
CVSS 8.2
CVE-2018-25417 EXPLOITDB HIGH text WORKING POC
AiOPMSD Final 1.0.0 SQL Injection via quality.php
AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the quality parameter. Attackers can send GET requests to quality.php with crafted SQL payloads in the quality parameter to extract sensitive database information including usernames, database names, and version details.
CVSS 8.2
CVE-2018-25416 EXPLOITDB HIGH text WORKING POC
AiOPMSD Final 1.0.0 SQL Injection via country.php
AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the country parameter. Attackers can send GET requests to country.php with crafted SQL payloads in the country parameter to extract sensitive database information including usernames, database names, and version details.
CVSS 8.2
CVE-2018-25415 EXPLOITDB HIGH text WORKING POC
AiOPMSD Final 1.0.0 SQL Injection via director Parameter
AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the director parameter. Attackers can send GET requests to director.php with crafted SQL payloads in the director parameter to extract sensitive database information including usernames, database names, and version details.
CVSS 8.2
CVE-2018-25414 EXPLOITDB HIGH text WORKING POC
AiOPMSD Final 1.0.0 SQL Injection via actor.php
AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the actor parameter. Attackers can send GET requests to actor.php with crafted SQL payloads in the actor parameter to extract sensitive database information including usernames, database names, and version details.
CVSS 8.2
CVE-2018-25413 EXPLOITDB HIGH text WORKING POC
AiOPMSD Final 1.0.0 SQL Injection via search.php
AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'q' parameter. Attackers can send GET requests to search.php with crafted SQL payloads to extract sensitive database information including usernames, database names, and version details.
CVSS 8.2
CVE-2018-25412 EXPLOITDB CRITICAL text WORKING POC
Delta Sql 1.8.2 Arbitrary File Upload via docs_upload.php
Delta Sql 1.8.2 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by sending POST requests to docs_upload.php with crafted multipart form data. Attackers can upload PHP files with arbitrary content to the upload directory and execute them on the server for remote code execution.
CVSS 9.8
CVE-2018-25411 EXPLOITDB HIGH text WORKING POC
MGB OpenSource Guestbook 0.7.0.2 SQL Injection via email.php
MGB OpenSource Guestbook 0.7.0.2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests to email.php with crafted SQL payloads in the 'id' parameter to extract sensitive database information including table and column names.
CVSS 8.2
CVE-2018-25410 EXPLOITDB HIGH text WORKING POC
SIM-PKH 2.4.1 - SQL Injection via media.php id Parameter
SIM-PKH 2.4.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests to /admin/media.php with module=pengurus and act=editpengurus parameters containing SQL UNION statements to extract database information including usernames, database names, and version details.
CVSS 7.1