Ihsan Sencan

964 exploits Active since Sep 2017
EIP-2026-108897 EXPLOITDB text WORKING POC
Joomla! Component vWishlist 1.0.1 - SQL Injection
EIP-2026-108899 EXPLOITDB text WORKING POC
Joomla! Component WMT Content Timeline 1.0 - 'id' SQL Injection
EIP-2026-108904 EXPLOITDB text WORKING POC
Joomla! Component Zap Calendar Lite 4.3.4 - SQL Injection
CVE-2018-6605 EXPLOITDB CRITICAL text WORKING POC
ZH Baidumap - SQL Injection
SQL Injection exists in the Zh BaiduMap 3.0.0.1 component for Joomla! via the id parameter in a getPlacemarkDetails, getPlacemarkHoverText, getPathHoverText, or getPathDetails request.
CVSS 9.8
CVE-2018-6582 EXPLOITDB CRITICAL text WORKING POC
ZH Googlemap - SQL Injection
SQL Injection exists in the Zh GoogleMap 8.4.0.0 component for Joomla! via the id parameter in a getPlacemarkDetails, getPlacemarkHoverText, getPathHoverText, or getPathDetails request.
CVSS 9.8
CVE-2017-15966 EXPLOITDB CRITICAL text WORKING POC
ZH Yandexmap - SQL Injection
The Zh YandexMap (aka com_zhyandexmap) component 6.1.1.0 for Joomla! allows SQL Injection via the placemarklistid parameter to index.php.
CVSS 9.8
CVE-2018-6604 EXPLOITDB CRITICAL html WORKING POC
ZH Yandexmap - SQL Injection
SQL Injection exists in the Zh YandexMap 6.2.1.0 component for Joomla! via the id parameter in a task=getPlacemarkDetails request.
CVSS 9.8
CVE-2018-5987 EXPLOITDB CRITICAL text WORKING POC
Pinterest Clone Social Pinboard 2.0 - SQL Injection
SQL Injection exists in the Pinterest Clone Social Pinboard 2.0 component for Joomla! via the pin_id or user_id parameter in a task=getlikeinfo action, the ends parameter in a view=gift action, the category parameter in a view=home action, the uid parameter in a view=pindisplay action, the searchVal parameter in a view=search action, or the uid parameter in a view=likes action.
CVSS 9.8
EIP-2026-108938 EXPLOITDB text WRITEUP
Just Another Video Script 1.4.3 - SQL Injection
EIP-2026-108941 EXPLOITDB text WORKING POC
Just Dial Marketplace - Authentication Bypass
EIP-2026-108942 EXPLOITDB text WRITEUP
Just Dial Marketplace 1.0 - SQL Injection
EIP-2026-108944 EXPLOITDB text WORKING POC
Justdial Clone Script - 'fid' SQL Injection
EIP-2026-108945 EXPLOITDB text WORKING POC
Justdial Clone Script - Authentication Bypass
CVE-2018-18755 EXPLOITDB CRITICAL text WORKING POC
K-iwi - SQL Injection
K-iwi Framework 1775 has SQL Injection via the admin/user/group/update user_group_id parameter or the admin/user/user/update user_id parameter.
CVSS 9.8
EIP-2026-108954 EXPLOITDB text WORKING POC
Kados R10 GreenBee - 'release_id' SQL Injection
CVE-2017-17618 EXPLOITDB CRITICAL text WRITEUP
Kickstarter Clone Script - SQL Injection
Kickstarter Clone Script 2.0 has SQL Injection via the investcalc.php projid parameter.
CVSS 9.8
EIP-2026-109040 EXPLOITDB text WORKING POC
KORA 2.7.0 - 'cid' SQL Injection
EIP-2026-109041 EXPLOITDB text WORKING POC
Kordil EDMS 2.2.60rc3 - Arbitrary File Upload
EIP-2026-109060 EXPLOITDB text WORKING POC
Ladder System 6.0 - 'faqid' SQL Injection
CVE-2017-17619 EXPLOITDB CRITICAL text WORKING POC
Laundry Booking Script - SQL Injection
Laundry Booking Script 1.0 has SQL Injection via the /list city parameter.
CVSS 9.8
EIP-2026-109077 EXPLOITDB text WRITEUP
Law Firm 1.0 - SQL Injection
CVE-2017-17620 EXPLOITDB CRITICAL text WORKING POC
Lawyer Search Script - SQL Injection
Lawyer Search Script 1.1 has SQL Injection via the /lawyer-list city parameter.
CVSS 9.8
EIP-2026-109090 EXPLOITDB text WORKING POC
Learning with Texts 1.6.2 - 'start' SQL Injection
EIP-2026-109094 EXPLOITDB text WORKING POC
Lending And Borrowing - 'pid' SQL Injection
CVE-2018-6372 EXPLOITDB CRITICAL text WORKING POC
Joombooking JB Bus - SQL Injection
SQL Injection exists in the JB Bus 2.3 component for Joomla! via the order_number parameter.
CVSS 9.8