Ihsan Sencan - Security Researcher - Exploit Intelligence Platform

EIP-2026-108685 EXPLOITDB text WORKING POC

Joomla! Component J-HotelPortal 6.0.2 - 'review_id' SQL Injection

View Code

EIP-2026-108684 EXPLOITDB text WRITEUP

Joomla! Component J-CruiseReservation Standard 3.0 - 'city' SQL Injection

View Code

EIP-2026-108683 EXPLOITDB text WORKING POC

Joomla! Component J-CruisePortal 6.0.4 - SQL Injection

View Code

EIP-2026-108682 EXPLOITDB text WORKING POC

Joomla! Component J-ClassifiedsManager 3.0.5 - SQL Injection

View Code

EIP-2026-108681 EXPLOITDB text WORKING POC

Joomla! Component J-BusinessDirectory 4.9.7 - 'type' SQL Injection

View Code

EIP-2026-108680 EXPLOITDB text WRITEUP

Joomla! Component J-BusinessDirectory 4.6.8 - SQL Injection

View Code

CVE-2018-6394 EXPLOITDB CRITICAL text WORKING POC

InviteX 3.0.5 - SQL Injection via invite_type Parameter

SQL Injection exists in the InviteX 3.0.5 component for Joomla! via the invite_type parameter in a view=invites action.

CVSS 9.8

View Code

EIP-2026-108676 EXPLOITDB text WORKING POC

Joomla! Component Intranet Attendance Track 2.6.5 - SQL Injection

View Code

EIP-2026-108669 EXPLOITDB text WORKING POC

Joomla! Component Hbooking 1.9.9 - 'h_id' SQL Injection

View Code

EIP-2026-108668 EXPLOITDB text WORKING POC

Joomla! Component Guru Pro - 'promocode' SQL Injection

View Code

EIP-2026-108666 EXPLOITDB text WORKING POC

Joomla! Component Guesser 1.0.4 - 'type' SQL Injection

View Code

EIP-2026-108664 EXPLOITDB text WORKING POC

Joomla! Component Groovy Gallery 1.0.0 - SQL Injection

View Code

EIP-2026-108663 EXPLOITDB text WORKING POC

Joomla! Component GPS Tools 4.0.1 - SQL Injection

View Code

EIP-2026-108662 EXPLOITDB text WORKING POC

Joomla! Component Google Map Store Locator 4.4 - SQL Injection

View Code

CVE-2018-6396 EXPLOITDB CRITICAL text WORKING POC

Google Map Landkarten <= 4.2.3 - SQL Injection via cid/id/map Parameters

SQL Injection exists in the Google Map Landkarten through 4.2.3 component for Joomla! via the cid or id parameter in a layout=form_markers action, or the map parameter in a layout=default action.

CVSS 9.8

View Code

EIP-2026-108661 EXPLOITDB text WORKING POC

Joomla! Component Gnosis 1.1.2 - 'id' SQL Injection

View Code

CVE-2018-5981 EXPLOITDB CRITICAL text WORKING POC

Gallery WD 1.3.6 - SQL Injection via tag_id or gallery_id Parameter

SQL Injection exists in the Gallery WD 1.3.6 component for Joomla! via the tag_id parameter or gallery_id parameter.

CVSS 9.8

View Code

CVE-2018-5991 EXPLOITDB CRITICAL text WORKING POC

Joomla! Form Maker 3.6.12 - SQL Injection

SQL Injection exists in the Form Maker 3.6.12 component for Joomla! via the id, from, or to parameter in a view=stats request, a different vulnerability than CVE-2015-2798.

CVSS 9.8

View Code

EIP-2026-108653 EXPLOITDB text WORKING POC

Joomla! Component FocalPoint 1.2.3 - SQL Injection

View Code

EIP-2026-108652 EXPLOITDB text WORKING POC

Joomla! Component Flip Wall 8.0 - 'wallid' SQL Injection

View Code

CVE-2018-6004 EXPLOITDB CRITICAL text WORKING POC

Joomla! File Download Tracker 3.0 - SQL Injection

SQL Injection exists in the File Download Tracker 3.0 component for Joomla! via the dynfield[phone] or sess parameter.

CVSS 9.8

View Code

CVE-2018-6373 EXPLOITDB CRITICAL text WORKING POC

fastball 2.5 - SQL Injection via Season Parameter

SQL Injection exists in the Fastball 2.5 component for Joomla! via the season parameter in a view=player action.

CVSS 9.8

View Code

EIP-2026-108645 EXPLOITDB text WORKING POC

Joomla! Component Extra Search 2.2.8 - 'establename' SQL Injection

View Code

EIP-2026-108643 EXPLOITDB text WRITEUP

Joomla! Component Eventix Events Calendar 1.0 - SQL Injection

View Code

EIP-2026-108642 EXPLOITDB text WORKING POC

Joomla! Component Event Registration Pro Calendar 4.1.3 - SQL Injection

View Code