Ihsan Sencan

964 exploits Active since Sep 2017
CVE-2018-25193 EXPLOITDB HIGH python WORKING POC
Mongoose Web Server 6.9 - DoS
Mongoose Web Server 6.9 contains a denial of service vulnerability that allows remote attackers to crash the service by establishing multiple socket connections. Attackers can repeatedly create connections to the default port and send malformed data to exhaust server resources and cause service unavailability.
CVSS 7.5
CVE-2018-25192 EXPLOITDB HIGH text WORKING POC
GPS Tracking System 2.12 - SQL Injection
GPS Tracking System 2.12 contains an SQL injection vulnerability that allows unauthenticated attackers to bypass authentication by injecting SQL code through the username parameter. Attackers can submit crafted POST requests to the login.php endpoint with SQL injection payloads in the username field to gain unauthorized access without valid credentials.
CVSS 8.2
CVE-2018-25191 EXPLOITDB HIGH text WORKING POC
Facturation System 1.0 - SQL Injection
Facturation System 1.0 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'mod_id' parameter. Attackers can send POST requests to the editar_producto.php endpoint with crafted SQL payloads in the mod_id parameter to extract sensitive database information including usernames, database names, and version details.
CVSS 7.1
CVE-2018-25190 EXPLOITDB MEDIUM text WORKING POC
Easyndexer 1.0 - CSRF
Easyndexer 1.0 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create administrative accounts by submitting forged POST requests. Attackers can craft malicious web pages that submit POST requests to createuser.php with parameters including username, password, name, surname, and privileges set to 1 for administrator access.
CVSS 5.3
CVE-2018-25189 EXPLOITDB HIGH text WORKING POC
Data Center Audit 2.6.2 - SQL Injection
Data Center Audit 2.6.2 contains an SQL injection vulnerability in the username parameter of dca_login.php that allows unauthenticated attackers to execute arbitrary SQL queries. Attackers can submit crafted SQL payloads through POST requests to extract sensitive database information including usernames, database names, and version details.
CVSS 8.2
CVE-2018-25188 EXPLOITDB HIGH text WORKING POC
Webiness Inventory 2.3 - SQL Injection
Webiness Inventory 2.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the order parameter. Attackers can send POST requests to the WsModelGrid.php endpoint with crafted SQL payloads to extract sensitive database information including usernames, databases, and version details.
CVSS 8.2
CVE-2018-25187 EXPLOITDB HIGH text WORKING POC
Tina4 Stack 1.0.3 - SQL Injection
Tina4 Stack 1.0.3 contains multiple vulnerabilities allowing unauthenticated attackers to access sensitive database files and execute SQL injection attacks. Attackers can directly request the kim.db database file to retrieve user credentials and password hashes, or inject SQL code through the menu endpoint to manipulate database queries.
CVSS 8.2
CVE-2018-25186 EXPLOITDB MEDIUM text WORKING POC
Tina4 Stack 1.0.3 - CSRF
Tina4 Stack 1.0.3 contains a cross-site request forgery vulnerability that allows attackers to modify admin user credentials by submitting forged POST requests to the profile endpoint. Attackers can craft HTML forms targeting the /kim/profile endpoint with hidden fields containing malicious user data like passwords and email addresses to update administrator accounts without authentication.
CVSS 5.3
CVE-2018-25184 EXPLOITDB MEDIUM text WORKING POC
Surreal ToDo 0.6.1.2 - Path Traversal
Surreal ToDo 0.6.1.2 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the content parameter. Attackers can supply directory traversal sequences through the content parameter in index.php to access sensitive system files like configuration and initialization files.
CVSS 6.2
CVE-2018-25182 EXPLOITDB HIGH text WORKING POC
Silurus Classifieds Script 2.0 - SQL Injection
Silurus Classifieds Script 2.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the ID parameter. Attackers can send GET requests to wcategory.php with crafted SQL payloads in the ID parameter to extract database table names and sensitive information from the database.
CVSS 8.2
CVE-2018-25181 EXPLOITDB HIGH text WORKING POC
Musicco 2.0.0 - Path Traversal
Musicco 2.0.0 contains a path traversal vulnerability that allows unauthenticated attackers to download arbitrary directories by manipulating the parent parameter. Attackers can supply directory traversal sequences in the parent parameter of the getAlbum endpoint to access sensitive system directories and download them as ZIP files.
CVSS 7.5
CVE-2018-25180 EXPLOITDB HIGH text WORKING POC
Maitra 1.7.2 - SQL Injection
Maitra 1.7.2 contains an sql injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the mailid parameter in outmail and inmail modules. Attackers can also download the SQLite database file directly from the application directory to extract sensitive mail tracking data and credentials.
CVSS 7.1
CVE-2018-25179 EXPLOITDB HIGH text WORKING POC
Gumbo CMS 0.99 - SQL Injection
Gumbo CMS 0.99 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the language parameter. Attackers can send POST requests to the settings endpoint with crafted SQL payloads in the language parameter to extract sensitive database information including usernames, databases, and version details.
CVSS 8.2
CVE-2018-25178 EXPLOITDB HIGH text WORKING POC
Easyndexer 1.0 - Path Traversal
Easyndexer 1.0 contains an arbitrary file download vulnerability that allows unauthenticated attackers to download sensitive files by manipulating the file parameter. Attackers can send POST requests to showtif.php with arbitrary file paths in the file parameter to retrieve system files like configuration and initialization files.
CVSS 7.5
CVE-2018-25177 EXPLOITDB MEDIUM text WORKING POC
Data Center Audit 2.6.2 - CSRF
Data Center Audit 2.6.2 contains a cross-site request forgery vulnerability that allows attackers to reset administrator passwords without authentication by submitting crafted POST requests. Attackers can send requests to dca_resetpw.php with parameters updateuser, pass, pass2, and submit_reset to change the admin account password and gain administrative access.
CVSS 5.3
CVE-2018-25176 EXPLOITDB HIGH text WORKING POC
Alive Parish 2.0.4 - SQL Injection
Alive Parish 2.0.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the key parameter in the search endpoint. Attackers can also upload arbitrary files via the person photo upload functionality to the images/uploaded directory for remote code execution.
CVSS 8.2
CVE-2018-25175 EXPLOITDB HIGH text WORKING POC
Alienor Web Libre 2.0 - SQL Injection
Alienor Web Libre 2.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the identifiant parameter. Attackers can submit crafted POST requests to index.php with SQL injection payloads in the identifiant field to extract sensitive database information including usernames, databases, and version details.
CVSS 8.2
CVE-2018-25174 EXPLOITDB MEDIUM text WORKING POC
ABC ERP 0.6.4 - CSRF
ABC ERP 0.6.4 contains a cross-site request forgery vulnerability that allows attackers to modify administrator credentials by submitting forged requests to _configurar_perfil.php. Attackers can craft malicious forms or links containing parameters like usuario, contrasena1, contrasena2, nombre, and email to change admin account settings without authentication.
CVSS 5.3
CVE-2018-25173 EXPLOITDB HIGH text WORKING POC
Rmedia SMS 1.0 - SQL Injection
Rmedia SMS 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to extract database information by injecting SQL code through the gid parameter. Attackers can send GET requests to editgrp.php with malicious gid values using EXTRACTVALUE and CONCAT functions to retrieve schema names and sensitive database data.
CVSS 8.2
CVE-2018-25172 EXPLOITDB HIGH text WORKING POC
Pedidos 1.0 - SQL Injection
Pedidos 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'q' parameter. Attackers can send GET requests to the ajax/load_proveedores.php endpoint with crafted SQL payloads to extract sensitive database information including schema names and table structures.
CVSS 8.2
CVE-2018-25171 EXPLOITDB HIGH text WORKING POC
EdTv 2 - SQL Injection
EdTv 2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers can send GET requests to the admin/edit_source endpoint with crafted SQL UNION statements to extract database information including schema names, user credentials, and version details.
CVSS 8.2
CVE-2018-25170 EXPLOITDB HIGH text WORKING POC
DoceboLMS 1.2 - SQL Injection
DoceboLMS 1.2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the id, idC, and idU parameters. Attackers can send GET requests to the lesson.php endpoint with malicious SQL payloads to extract sensitive database information.
CVSS 8.2
CVE-2018-25169 EXPLOITDB HIGH python WORKING POC
AMPPS 2.7 - DoS
AMPPS 2.7 contains a denial of service vulnerability that allows remote attackers to crash the service by sending malformed data to the default HTTP port. Attackers can establish multiple socket connections and transmit invalid payloads to exhaust server resources and cause service unavailability.
CVSS 7.5
CVE-2018-25168 EXPLOITDB MEDIUM text WORKING POC
Precurio Intranet Portal 2.0 - CSRF
Precurio Intranet Portal 2.0 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create administrative user accounts by submitting crafted POST requests. Attackers can forge requests to the /public/admin/user/submitnew endpoint with user creation parameters to add new admin accounts without requiring CSRF tokens or user interaction.
CVSS 4.3
CVE-2018-25167 EXPLOITDB HIGH text WORKING POC
Net-Billetterie 2.9 - SQL Injection
Net-Billetterie 2.9 contains an SQL injection vulnerability in the login parameter of login.inc.php that allows unauthenticated attackers to execute arbitrary SQL queries. Attackers can submit malicious SQL code through the login POST parameter to extract database information including usernames, passwords, and system credentials.
CVSS 8.2