Ihsan Sencan

985 exploits Active since Sep 2017
CVE-2017-15989 EXPLOITDB CRITICAL text WORKING POC
Online Exam Test Application - SQL Injection via Sort Parameter
Online Exam Test Application allows SQL Injection via the resources.php sort parameter in a category action.
CVSS 9.8
EIP-2026-110027 EXPLOITDB text WRITEUP
Omegle Clone - SQL Injection
EIP-2026-110128 EXPLOITDB text WORKING POC
Online Job Portal 1.0 - Cross Site Request Forgery (Add User)
EIP-2026-110068 EXPLOITDB text WORKING POC
Online Cinema and Event Booking Script 2.01 - 'newsid' SQL Injection
EIP-2026-110324 EXPLOITDB text WRITEUP
Opensource Classified Ads Script - 'keyword' SQL Injection
CVE-2017-17623 EXPLOITDB CRITICAL html WORKING POC
Opensource Classified Ads Script 3.2 - SQL Injection via Advance Result Keyword Parameter
Opensource Classified Ads Script 3.2 has SQL Injection via the advance_result.php keyword parameter.
CVSS 9.8
EIP-2026-109932 EXPLOITDB text WRITEUP
NGO Directory Script - SQL Injection
EIP-2026-109933 EXPLOITDB text WORKING POC
NGO Website Script - SQL Injection
CVE-2017-15988 EXPLOITDB CRITICAL text WRITEUP
nice_php_faq_script - SQL Injection via index.php nice_theme Parameter
Nice PHP FAQ Script allows SQL Injection via the index.php nice_theme parameter, a different vulnerability than CVE-2008-6525.
CVSS 9.8
CVE-2017-15981 EXPLOITDB CRITICAL text WORKING POC
Responsive Newspaper Magazine & Blog CMS 1.0 - SQL Injection via id Parameter
Responsive Newspaper Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing.
CVSS 9.8
CVE-2017-17597 EXPLOITDB CRITICAL text WRITEUP
Nearbuy Clone Script 3.2 - SQL Injection via Category List Search Parameter
Nearbuy Clone Script 3.2 has SQL Injection via the category_list.php search parameter.
CVSS 9.8
EIP-2026-109895 EXPLOITDB text WORKING POC
Network Community Script 3.0.2 - SQL Injection
CVE-2017-15982 EXPLOITDB CRITICAL text WORKING POC
Dynamic News Magazine & Blog CMS 1.0 - SQL Injection via id Parameter
Dynamic News Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing.
CVSS 9.8
EIP-2026-109942 EXPLOITDB text WORKING POC
Nlance 2.2 - SQL Injection
CVE-2017-15983 EXPLOITDB CRITICAL text WORKING POC
MyMagazine Magazine & Blog CMS 1.0 - SQL Injection via id Parameter
MyMagazine Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing.
CVSS 9.8
EIP-2026-109798 EXPLOITDB text WORKING POC
MySQL Edit Table 1.0 - 'id' SQL Injection
EIP-2026-109759 EXPLOITDB text WORKING POC
MyClassifiedScript 5.1 - SQL Injection
EIP-2026-109799 EXPLOITDB text WORKING POC
MySQL File Uploader 1.0 - 'id' SQL Injection
EIP-2026-109958 EXPLOITDB text WORKING POC
Notes Manager 1.0 - Arbitrary File Upload
EIP-2026-109839 EXPLOITDB text WORKING POC
Naukri Clone Script 3.02 - 'type' SQL Injection
EIP-2026-109661 EXPLOITDB text WRITEUP
My Builder Marketplace 1.0 - SQL Injection
EIP-2026-109665 EXPLOITDB text WRITEUP
My Gaming Ladder Combo System 7.5 - SQL Injection
EIP-2026-109657 EXPLOITDB text WORKING POC
MV Video Sharing Software 1.2 - 'searchname' SQL Injection
EIP-2026-109667 EXPLOITDB text WORKING POC
My Link Trader 1.1 - Authentication Bypass
EIP-2026-109649 EXPLOITDB text WORKING POC
Music Site Script 1.2 - Authentication Bypass