Ihsan Sencan

985 exploits Active since Sep 2017
EIP-2026-108767 EXPLOITDB text WRITEUP
Joomla! Component JUX EventOn 1.0.1 - 'id' SQL Injection
EIP-2026-108770 EXPLOITDB text WRITEUP
Joomla! Component KissGallery 1.0.0 - SQL Injection
EIP-2026-108775 EXPLOITDB text WORKING POC
Joomla! Component LMS King Professional 3.2.4.0 - SQL Injection
EIP-2026-108777 EXPLOITDB text WORKING POC
Joomla! Component Magic Deals Web 1.2.0 - SQL Injection
EIP-2026-108782 EXPLOITDB text WORKING POC
Joomla! Component MaQma Helpdesk 4.2.7 - 'id' SQL Injection
EIP-2026-108783 EXPLOITDB text WORKING POC
Joomla! Component MediaLibrary Basic 3.5 - SQL Injection
CVE-2018-5971 EXPLOITDB CRITICAL text WORKING POC
MediaLibrary Free 4.0.12 - SQL Injection
SQL Injection exists in the MediaLibrary Free 4.0.12 component for Joomla! via the id parameter or the mid array parameter.
CVSS 9.8
EIP-2026-108796 EXPLOITDB text WORKING POC
Joomla! Component Monthly Archive 3.6.4 - 'author_form' SQL Injection
EIP-2026-108797 EXPLOITDB text WORKING POC
Joomla! Component Most Wanted Real Estate 1.1.0 - SQL Injection
EIP-2026-108799 EXPLOITDB text WORKING POC
Joomla! Component MultiTier 3.1 - SQL Injection
CVE-2018-17375 EXPLOITDB CRITICAL text WORKING POC
Music Collection 3.0.3 - SQL Injection
SQL Injection exists in the Music Collection 3.0.3 component for Joomla! via the id parameter.
CVSS 9.8
EIP-2026-108802 EXPLOITDB text WRITEUP
Joomla! Component My MSG 3.2.1 - SQL Injection
EIP-2026-108803 EXPLOITDB text WORKING POC
Joomla! Component My Projects 2.0 - SQL Injection
CVE-2018-6370 EXPLOITDB CRITICAL text WORKING POC
NeoRecruit 4.1 - SQL Injection via PATH_INFO or .html File Name
SQL Injection exists in the NeoRecruit 4.1 component for Joomla! via the (1) PATH_INFO or (2) name of a .html file under the all-offers/ URI.
CVSS 9.8
EIP-2026-108811 EXPLOITDB text WORKING POC
Joomla! Component NextGen Editor 2.1.0 - 'plname' SQL Injection
CVE-2017-15965 EXPLOITDB CRITICAL text WORKING POC
NS Download Shop 2.2.6 - SQL Injection via Invoice Create ID Parameter
The NS Download Shop (aka com_ns_downloadshop) component 2.2.6 for Joomla! allows SQL Injection via the id parameter in an invoice.create action.
CVSS 9.8
EIP-2026-108814 EXPLOITDB text WORKING POC
Joomla! Component OneVote! 1.0 - SQL Injection
EIP-2026-108818 EXPLOITDB text WORKING POC
Joomla! Component OS Property 3.0.8 - SQL Injection
CVE-2018-7319 EXPLOITDB CRITICAL text WRITEUP
OS Property Real Estate 3.12.7 - SQL Injection via Cooling System, Heating System, or Laundry Parameter
SQL Injection exists in the OS Property Real Estate 3.12.7 component for Joomla! via the cooling_system1, heating_system1, or laundry parameter.
CVSS 9.8
EIP-2026-108819 EXPLOITDB text WORKING POC
Joomla! Component OS Services Booking 2.5.1 - SQL Injection
EIP-2026-108820 EXPLOITDB text WORKING POC
Joomla! Component OSDownloads 1.7.4 - SQL Injection
EIP-2026-108825 EXPLOITDB text WORKING POC
Joomla! Component PayPal IPN for DOCman 3.1 - 'id' SQL Injection
CVE-2018-17378 EXPLOITDB CRITICAL text WORKING POC
Penny Auction Factory 2.0.4 - SQL Injection
SQL Injection exists in the Penny Auction Factory 2.0.4 component for Joomla! via the filter_order_Dir or filter_order parameter.
CVSS 9.8
EIP-2026-108830 EXPLOITDB text WORKING POC
Joomla! Component Photo Contest 1.0.2 - SQL Injection
EIP-2026-108831 EXPLOITDB text WORKING POC
Joomla! Component PHP-Bridge 1.2.3 - SQL Injection