Ihsan Sencan

964 exploits Active since Sep 2017
EIP-2026-112135 EXPLOITDB text WORKING POC
Simple POS and Inventory 1.0 - 'cat' SQL Injection
EIP-2026-112068 EXPLOITDB text WORKING POC
Simple Chat System 1.0 - 'id' SQL Injection
EIP-2026-112171 EXPLOITDB text WORKING POC
Single Theater Booking Script - 'newsid' SQL Injection
CVE-2017-17634 EXPLOITDB CRITICAL text WORKING POC
Single Theater Booking Script - SQL Injection
Single Theater Booking Script 3.2.1 has SQL Injection via the findcity.php q parameter.
CVSS 9.8
EIP-2026-112056 EXPLOITDB text WORKING POC
SIM-PKH 2.4.1 - Arbitrary File Upload
EIP-2026-112029 EXPLOITDB text WRITEUP
Shopping Cart Template - 'item' SQL Injection
EIP-2026-112018 EXPLOITDB text WRITEUP
Shiksha Educational Website Script - SQL Injection
EIP-2026-112039 EXPLOITDB text WORKING POC
SiAdmin 1.1 - 'id' SQL Injection
EIP-2026-112055 EXPLOITDB text WORKING POC
SIM-PKH 2.4.1 - 'id' SQL Injection
EIP-2026-112017 EXPLOITDB text WORKING POC
Shield CMS 2.2 - 'email' SQL Injection
EIP-2026-111972 EXPLOITDB text WRITEUP
Select Your College Script 2.01 - SQL Injection
CVE-2017-17629 EXPLOITDB CRITICAL text WORKING POC
Secure E-commerce Script - SQL Injection
Secure E-commerce Script 2.0.1 has SQL Injection via the category.php searchmain or searchcat parameter, or the single_detail.php sid parameter.
CVSS 9.8
EIP-2026-111979 EXPLOITDB text WRITEUP
Sendroid 5.2 - SQL Injection
EIP-2026-111942 EXPLOITDB text WORKING POC
Schools Alert Management Script 2.01 - 'list_id' SQL Injection
EIP-2026-111965 EXPLOITDB text WORKING POC
Secure Download Links - 'dc' SQL Injection
EIP-2026-112010 EXPLOITDB text WORKING POC
SG ERP 1.0 - 'info' SQL Injection
CVE-2018-18795 EXPLOITDB CRITICAL text WORKING POC
School Event Management System - SQL Injection
School Event Management System 1.0 has SQL Injection via the student/index.php or event/index.php id parameter.
CVSS 9.8
EIP-2026-111936 EXPLOITDB text WORKING POC
SchoolDir - SQL Injection
CVE-2017-15979 EXPLOITDB CRITICAL text WRITEUP
Odallated Shareet - SQL Injection
Shareet - Photo Sharing Social Network 1.0 allows SQL Injection via the photo parameter.
CVSS 9.8
CVE-2018-18798 EXPLOITDB CRITICAL text WORKING POC
School Attendance Monitoring System - SQL Injection
Attendance Monitoring System 1.0 has SQL Injection via the 'id' parameter to student/index.php?view=view, event/index.php?view=view, and user/index.php?view=view.
CVSS 9.8
EIP-2026-111918 EXPLOITDB text WORKING POC
School ERP Pro+Responsive 1.0 - 'fid' SQL Injection
CVE-2018-18799 EXPLOITDB HIGH text WORKING POC
School Attendance Monitoring System - CSRF
School Attendance Monitoring System 1.0 has CSRF via event/controller.php?action=photos.
CVSS 8.8
CVE-2018-18797 EXPLOITDB HIGH text WORKING POC
School Attendance Monitoring System - CSRF
School Attendance Monitoring System 1.0 has CSRF via /user/user/edit.php.
CVSS 8.8
EIP-2026-111919 EXPLOITDB text WORKING POC
School ERP Pro+Responsive 1.0 - Arbitrary File Download
CVE-2018-18761 EXPLOITDB CRITICAL text WORKING POC
Saltos - SQL Injection
SaltOS 3.1 r8126 allows action=login&querystring=&user=[SQL] SQL Injection.
CVSS 9.8