Ihsan Sencan

964 exploits Active since Sep 2017
EIP-2026-111919 EXPLOITDB text WORKING POC
School ERP Pro+Responsive 1.0 - Arbitrary File Download
EIP-2026-111918 EXPLOITDB text WORKING POC
School ERP Pro+Responsive 1.0 - 'fid' SQL Injection
EIP-2026-111920 EXPLOITDB text WORKING POC
School ERP Ultimate 2018 - 'fid' SQL Injection
EIP-2026-111965 EXPLOITDB text WORKING POC
Secure Download Links - 'dc' SQL Injection
EIP-2026-111921 EXPLOITDB text WORKING POC
School ERP Ultimate 2018 - Arbitrary File Download
EIP-2026-112055 EXPLOITDB text WORKING POC
SIM-PKH 2.4.1 - 'id' SQL Injection
CVE-2018-18799 EXPLOITDB HIGH text WORKING POC
School Attendance Monitoring System - CSRF
School Attendance Monitoring System 1.0 has CSRF via event/controller.php?action=photos.
CVSS 8.8
CVE-2018-18763 EXPLOITDB CRITICAL text WORKING POC
Saltos - SQL Injection
SaltOS 3.1 r8126 allows action=ajax&query=numbers&page=usuarios&action2=[SQL] SQL Injection.
CVSS 9.8
CVE-2018-18762 EXPLOITDB MEDIUM text WORKING POC
Saltos - Information Disclosure
SaltOS 3.1 r8126 contains a database download vulnerability.
CVSS 6.5
CVE-2017-15971 EXPLOITDB CRITICAL text WORKING POC
Softdatepro Same Date Pro - SQL Injection
Same Sex Dating Software Pro 1.0 allows SQL Injection via the viewprofile.php profid parameter, the viewmessage.php sender_id parameter, or the /admin Email field, a related issue to CVE-2017-15972.
CVSS 9.8
CVE-2018-18761 EXPLOITDB CRITICAL text WORKING POC
Saltos - SQL Injection
SaltOS 3.1 r8126 allows action=login&querystring=&user=[SQL] SQL Injection.
CVSS 9.8
CVE-2018-18797 EXPLOITDB HIGH text WORKING POC
School Attendance Monitoring System - CSRF
School Attendance Monitoring System 1.0 has CSRF via /user/user/edit.php.
CVSS 8.8
CVE-2017-17641 EXPLOITDB CRITICAL text WORKING POC
Resume Clone Script - SQL Injection
Resume Clone Script 2.0.5 has SQL Injection via the preview.php id parameter.
CVSS 9.8
CVE-2018-18760 EXPLOITDB MEDIUM text WORKING POC
Saltos Rhinos - CSRF
RhinOS 3.0 build 1190 allows CSRF.
CVSS 6.5
CVE-2017-17628 EXPLOITDB CRITICAL text WORKING POC
Responsive Realestate Script - SQL Injection
Responsive Realestate Script 3.2 has SQL Injection via the property-list tbud parameter.
CVSS 9.8
EIP-2026-111747 EXPLOITDB text WORKING POC
Responsive Events & Movie Ticket Booking Script - SQL Injection
CVE-2017-17632 EXPLOITDB CRITICAL text WORKING POC
Responsive Events And Movie Ticket Booking Script - SQL Injection
Responsive Events And Movie Ticket Booking Script 3.2.1 has SQL Injection via the findcity.php q parameter.
CVSS 9.8
EIP-2026-111751 EXPLOITDB text WORKING POC
Responsive Matrimonial Script 4.0.1 - SQL Injection
EIP-2026-111739 EXPLOITDB text WORKING POC
Reservic 1.0 - 'id' SQL Injection
EIP-2026-111758 EXPLOITDB text WORKING POC
Restaurant Website Script 1.0 - SQL Injection
EIP-2026-111805 EXPLOITDB text WORKING POC
Roxy Fileman 1.4.5 - Arbitrary File Download
CVE-2017-17627 EXPLOITDB CRITICAL text WORKING POC
Readymade Video Sharing Script - SQL Injection
Readymade Video Sharing Script 3.2 has SQL Injection via the single-video-detail.php report_videos array parameter.
CVSS 9.8
EIP-2026-111704 EXPLOITDB text WORKING POC
Real Estate Custom Script 2.0 - SQL Injection
EIP-2026-111820 EXPLOITDB text WORKING POC
Rukovoditel Project Management CRM 2.3 - 'path' SQL Injection
CVE-2017-17591 EXPLOITDB CRITICAL text WORKING POC
Realestate Crowdfunding Script - SQL Injection
Realestate Crowdfunding Script 2.7.2 has SQL Injection via the single-cause.php pid parameter.
CVSS 9.8