Ihsan Sencan - Security Researcher - Exploit Intelligence Platform

CVE-2018-17377 EXPLOITDB CRITICAL text WORKING POC

Joomla! 1.4.3 - SQL Injection

SQL Injection exists in the Questions 1.4.3 component for Joomla! via the term, userid, users, or groups parameter.

CVSS 9.8

View Code

CVE-2018-6024 EXPLOITDB CRITICAL text WORKING POC

Joomla! Project Log 1.5.3 - SQL Injection

SQL Injection exists in the Project Log 1.5.3 component for Joomla! via the search parameter.

CVSS 9.8

View Code

CVE-2018-7317 EXPLOITDB HIGH text WRITEUP

Christianwebministries Proclaim - Information Disclosure

Backup Download exists in the Proclaim 9.1.1 component for Joomla! via a direct request for a .sql file under backup/.

CVSS 7.5

View Code

EIP-2026-108886 EXPLOITDB text WORKING POC

Joomla! Component vBizz 1.0.7 - Remote Code Execution

View Code

CVE-2018-7316 EXPLOITDB CRITICAL text WRITEUP

Christianwebministries Proclaim - Unrestricted File Upload

Arbitrary File Upload exists in the Proclaim 9.1.1 component for Joomla! via a mediafileform action.

CVSS 9.8

View Code

EIP-2026-108834 EXPLOITDB text WORKING POC

Joomla! Component Price Alert 3.0.2 - 'product_id' SQL Injection

View Code

CVE-2018-7314 EXPLOITDB CRITICAL text WORKING POC

Mlwebtechnologies Prayercenter - SQL Injection

SQL Injection exists in the PrayerCenter 3.0.2 component for Joomla! via the sessionid parameter, a different vulnerability than CVE-2008-6429.

CVSS 9.8

View Code

EIP-2026-108838 EXPLOITDB text WORKING POC

Joomla! Component Quiz Deluxe 3.7.4 - SQL Injection

View Code

CVE-2018-6397 EXPLOITDB HIGH text WRITEUP

Joomlacalendars Picture Calendar - Path Traversal

Directory Traversal exists in the Picture Calendar 3.1.4 component for Joomla! via the list.php folder parameter.

CVSS 7.5

View Code

EIP-2026-108888 EXPLOITDB text WORKING POC

Joomla! Component VehicleManager 3.9 - SQL Injection

View Code

EIP-2026-108831 EXPLOITDB text WORKING POC

Joomla! Component PHP-Bridge 1.2.3 - SQL Injection

View Code

EIP-2026-108844 EXPLOITDB text WORKING POC

Joomla! Component Recipe Manager 2.2 - 'id' SQL Injection

View Code

EIP-2026-108830 EXPLOITDB text WORKING POC

Joomla! Component Photo Contest 1.0.2 - SQL Injection

View Code

EIP-2026-109077 EXPLOITDB text WRITEUP

Law Firm 1.0 - SQL Injection

View Code

CVE-2018-17378 EXPLOITDB CRITICAL text WORKING POC

Penny Auction Factory 2.0.4 - SQL Injection

SQL Injection exists in the Penny Auction Factory 2.0.4 component for Joomla! via the filter_order_Dir or filter_order parameter.

CVSS 9.8

View Code

CVE-2018-7180 EXPLOITDB CRITICAL text WORKING POC

Saxum2003 Astro - SQL Injection

SQL Injection exists in the Saxum Astro 4.0.14 component for Joomla! via the publicid parameter.

CVSS 9.8

View Code

EIP-2026-108825 EXPLOITDB text WORKING POC

Joomla! Component PayPal IPN for DOCman 3.1 - 'id' SQL Injection

View Code

CVE-2018-7178 EXPLOITDB CRITICAL text WORKING POC

Saxum2003 Saxum Picker - SQL Injection

SQL Injection exists in the Saxum Picker 3.2.10 component for Joomla! via the publicid parameter.

CVSS 9.8

View Code

EIP-2026-108885 EXPLOITDB text WORKING POC

Joomla! Component vAccount 2.0.2 - 'vid' SQL Injection

View Code

EIP-2026-108855 EXPLOITDB text WORKING POC

Joomla! Component Simple Membership 3.3.3 - 'userId' SQL Injection

View Code

EIP-2026-108820 EXPLOITDB text WORKING POC

Joomla! Component OSDownloads 1.7.4 - SQL Injection

View Code

EIP-2026-108819 EXPLOITDB text WORKING POC

Joomla! Component OS Services Booking 2.5.1 - SQL Injection

View Code

CVE-2018-7319 EXPLOITDB CRITICAL text WRITEUP

OS Property Real Estate - SQL Injection

SQL Injection exists in the OS Property Real Estate 3.12.7 component for Joomla! via the cooling_system1, heating_system1, or laundry parameter.

CVSS 9.8

View Code

CVE-2018-17385 EXPLOITDB CRITICAL text WORKING POC

Social Factory 3.8.3 - SQL Injection

SQL Injection exists in the Social Factory 3.8.3 component for Joomla! via the radius[lat], radius[lng], or radius[radius] parameter.

CVSS 9.8

View Code

EIP-2026-108818 EXPLOITDB text WORKING POC

Joomla! Component OS Property 3.0.8 - SQL Injection

View Code