Ihsan Sencan

964 exploits Active since Sep 2017
CVE-2018-18795 EXPLOITDB CRITICAL text WORKING POC
School Event Management System - SQL Injection
School Event Management System 1.0 has SQL Injection via the student/index.php or event/index.php id parameter.
CVSS 9.8
EIP-2026-111936 EXPLOITDB text WORKING POC
SchoolDir - SQL Injection
EIP-2026-111918 EXPLOITDB text WORKING POC
School ERP Pro+Responsive 1.0 - 'fid' SQL Injection
EIP-2026-111919 EXPLOITDB text WORKING POC
School ERP Pro+Responsive 1.0 - Arbitrary File Download
EIP-2026-111921 EXPLOITDB text WORKING POC
School ERP Ultimate 2018 - Arbitrary File Download
EIP-2026-111942 EXPLOITDB text WORKING POC
Schools Alert Management Script 2.01 - 'list_id' SQL Injection
EIP-2026-111920 EXPLOITDB text WORKING POC
School ERP Ultimate 2018 - 'fid' SQL Injection
EIP-2026-111572 EXPLOITDB text WORKING POC
PTCEvolution 5.50 - SQL Injection
EIP-2026-111626 EXPLOITDB text WRITEUP
Quadz School Management System 3.1 - 'uisd' SQL Injection
EIP-2026-111569 EXPLOITDB text WORKING POC
PTC KSV1 Script 1.7 - 'type' SQL Injection
EIP-2026-111551 EXPLOITDB text WORKING POC
Property Listing Script 3.1 - SQL Injection
CVE-2017-15977 EXPLOITDB CRITICAL text WORKING POC
Protectedlinks Expiring Download Links - SQL Injection
Protected Links - Expiring Download Links 1.0 allows SQL Injection via the username parameter.
CVSS 9.8
EIP-2026-111519 EXPLOITDB text WORKING POC
Professional Service Booking 1.0 - SQL Injection
EIP-2026-111520 EXPLOITDB text WRITEUP
Professional Service Booking Script - SQL Injection
CVE-2018-5973 EXPLOITDB CRITICAL text WORKING POC
Professional Local Directory Script 1.0 - SQL Injection
SQL Injection exists in Professional Local Directory Script 1.0 via the sellers_subcategories.php IndustryID parameter, or the suppliers.php IndustryID or CategoryID parameter.
CVSS 9.8
CVE-2017-17625 EXPLOITDB CRITICAL text WORKING POC
ON Demand Marketplace Script - SQL Injection
Professional Service Script 1.0 has SQL Injection via the service-list city parameter.
CVSS 9.8
CVE-2018-18805 EXPLOITDB CRITICAL text WORKING POC
Pointofsales - SQL Injection
Point Of Sales 1.0 allows SQL injection via the login screen, related to LoginForm1.vb.
CVSS 9.8
EIP-2026-111407 EXPLOITDB text WORKING POC
Poppy Web Interface Generator 0.8 - Arbitrary File Upload
EIP-2026-111488 EXPLOITDB text WORKING POC
Premium Penny Auction Script - SQL Injection
EIP-2026-111517 EXPLOITDB text WRITEUP
Professional Bus Booking Script - 'hid_Busid' SQL Injection
EIP-2026-110782 EXPLOITDB text WORKING POC
PHP Video Battle Script 1.0 - SQL Injection
EIP-2026-110823 EXPLOITDB text WORKING POC
PHP-Lance 1.52 - 'subcat' SQL Injection
EIP-2026-110777 EXPLOITDB text WORKING POC
PHP Uber-style GeoTracking 1.1 - SQL Injection
EIP-2026-110747 EXPLOITDB text WRITEUP
Php Real Estate Property Script - SQL Injection
EIP-2026-110756 EXPLOITDB text WORKING POC
PHP Search Engine 1.0 - SQL Injection