Ihsan Sencan - Security Researcher - Exploit Intelligence Platform

EIP-2026-109077 EXPLOITDB text WRITEUP

Law Firm 1.0 - SQL Injection

View Code

CVE-2017-17620 EXPLOITDB CRITICAL text WORKING POC

Lawyer Search Script 1.1 - SQL Injection via City Parameter

Lawyer Search Script 1.1 has SQL Injection via the /lawyer-list city parameter.

CVSS 9.8

View Code

EIP-2026-109090 EXPLOITDB text WORKING POC

Learning with Texts 1.6.2 - 'start' SQL Injection

View Code

EIP-2026-109094 EXPLOITDB text WORKING POC

Lending And Borrowing - 'pid' SQL Injection

View Code

EIP-2026-108686 EXPLOITDB text WRITEUP

Joomla! Component J-MultipleHotelReservation Standard 6.0.2 - 'review_id' SQL Injection

View Code

EIP-2026-108740 EXPLOITDB text WORKING POC

Joomla! Component JoomCRM 1.1.1 - SQL Injection

View Code

EIP-2026-108739 EXPLOITDB text WORKING POC

Joomla! Component JoomBlog 1.3.1 - SQL Injection

View Code

EIP-2026-108738 EXPLOITDB text WORKING POC

Joomla! Component Joomanager 2.0.0 - 'com_Joomanager' Arbitrary File Download (PoC)

View Code

EIP-2026-108736 EXPLOITDB text WORKING POC

Joomla! Component JooDatabase 3.1.0 - SQL Injection

View Code

EIP-2026-108735 EXPLOITDB text WORKING POC

Joomla! Component JooCart 2.x - 'product_id' SQL Injection

View Code

EIP-2026-108734 EXPLOITDB text WORKING POC

Joomla! Component JomWALL 4.0 - 'wuid' SQL Injection

View Code

EIP-2026-108732 EXPLOITDB text WORKING POC

Joomla! Component JomSocial - SQL Injection

View Code

CVE-2018-6368 EXPLOITDB CRITICAL text WORKING POC

JomEstate PRO < 3.7 - SQL Injection via id Parameter in task=detailed Action

SQL Injection exists in the JomEstate PRO through 3.7 component for Joomla! via the id parameter in a task=detailed action.

CVSS 9.8

View Code

CVE-2018-17382 EXPLOITDB CRITICAL text WORKING POC

Jobs Factory 2.0.4 - SQL Injection via filter_letter Parameter

SQL Injection exists in the Jobs Factory 2.0.4 component for Joomla! via the filter_letter parameter.

CVSS 9.8

View Code

EIP-2026-108728 EXPLOITDB text WORKING POC

Joomla! Component JO Facebook Gallery 4.5 - SQL Injection

View Code

EIP-2026-108727 EXPLOITDB text WORKING POC

Joomla! Component JMultipleHotelReservation 6.0.7 - SQL Injection

View Code

CVE-2018-6581 EXPLOITDB CRITICAL text WORKING POC

jms_music 1.1.1 - SQL Injection via Search Parameter

SQL Injection exists in the JMS Music 1.1.1 component for Joomla! via a search with the keyword, artist, or username parameter.

CVSS 9.8

View Code

CVE-2018-6610 EXPLOITDB HIGH php WORKING POC

jlike 1.0 - Exposure of Sensitive Information via task Parameter

Information Leakage exists in the jLike 1.0 component for Joomla! via a task=getUserByCommentId request.

CVSS 7.5

View Code

CVE-2018-6580 EXPLOITDB CRITICAL text WRITEUP

Jimtawl 2.1.6 and 2.2.5 - Unrestricted File Upload via Component Request

Arbitrary file upload exists in the Jimtawl 2.1.6 and 2.2.5 component for Joomla! via a view=upload&task=upload&pop=true&tmpl=component request.

CVSS 9.8

View Code

EIP-2026-108724 EXPLOITDB text WORKING POC

Joomla! Component JHotelReservation 6.0.7 - SQL Injection

View Code

CVE-2018-5970 EXPLOITDB CRITICAL text WORKING POC

JGive 2.0.9 - SQL Injection via filter_org_ind_type or campaign_countries Parameter

SQL Injection exists in the JGive 2.0.9 component for Joomla! via the filter_org_ind_type or campaign_countries parameter.

CVSS 9.8

View Code

CVE-2017-17872 EXPLOITDB CRITICAL text WORKING POC

JEXTN Video Gallery 3.0.5 - SQL Injection via id Parameter

The JEXTN Video Gallery extension 3.0.5 for Joomla! has SQL Injection via the id parameter in a view=category action.

CVSS 9.8

View Code

CVE-2018-6579 EXPLOITDB CRITICAL text WORKING POC

JEXTN Reverse Auction 3.1.0 - SQL Injection via view=products&uid= Parameter

SQL Injection exists in the JEXTN Reverse Auction 3.1.0 component for Joomla! via a view=products&uid= request.

CVSS 9.8

View Code

CVE-2017-17871 EXPLOITDB CRITICAL text WORKING POC

JEXTN Question And Answer 3.1.0 - SQL Injection via an or ques-srch Parameter

The "JEXTN Question And Answer" extension 3.1.0 for Joomla! has SQL Injection via the an parameter in a view=tags action, or the ques-srch parameter.

CVSS 9.8

View Code

CVE-2018-6577 EXPLOITDB CRITICAL html WORKING POC

JEXTN Membership 3.1.0 - SQL Injection via usr_plan Parameter

SQL Injection exists in the JEXTN Membership 3.1.0 component for Joomla! via the usr_plan parameter in a view=myplans&task=myplans.usersubscriptions request.

CVSS 9.8

View Code