Ihsan Sencan

964 exploits Active since Sep 2017
CVE-2018-25166 EXPLOITDB HIGH text WORKING POC
Meneame English Pligg 5.8 - SQL Injection
Meneame English Pligg 5.8 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the search parameter. Attackers can send GET requests to index.php with crafted SQL payloads in the search parameter to extract sensitive database information including usernames, database names, and version details.
CVSS 8.2
CVE-2018-25165 EXPLOITDB HIGH text WORKING POC
Galaxy Forces MMORPG 0.5.8 - SQL Injection
Galaxy Forces MMORPG 0.5.8 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'type' parameter. Attackers can send POST requests to ads.php with crafted SQL payloads in the type parameter to extract sensitive database information including usernames, databases, and version details.
CVSS 7.1
CVE-2018-25164 EXPLOITDB HIGH text WORKING POC
EverSync 0.5 - Info Disclosure
EverSync 0.5 contains an arbitrary file download vulnerability that allows unauthenticated attackers to access sensitive files by requesting them directly from the files directory. Attackers can send GET requests to the files directory to download database files like db.sq3 containing application data and credentials.
CVSS 7.5
CVE-2018-25163 EXPLOITDB HIGH text WORKING POC
BitZoom 1.0 - SQL Injection
BitZoom 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the rollno and username parameters in forgot.php and login.php. Attackers can submit crafted POST requests with SQL UNION statements to extract database schema information and table contents from the application database.
CVSS 8.2
CVE-2018-25162 EXPLOITDB MEDIUM text WORKING POC
2-Plan Team 1.0.4 - Authenticated RCE
2-Plan Team 1.0.4 contains an arbitrary file upload vulnerability that allows authenticated attackers to upload executable PHP files by sending multipart form data to managefile.php. Attackers can upload PHP files through the userfile1 parameter with action=upload, which are stored in the files directory and executed by the web server for remote code execution.
CVSS 6.5
CVE-2018-25161 EXPLOITDB HIGH text WORKING POC
Warranty Tracking System 11.06.3 - SQL Injection
Warranty Tracking System 11.06.3 contains an SQL injection vulnerability that allows attackers to execute arbitrary SQL queries by injecting malicious code through the txtCustomerCode, txtCustomerName, and txtPhone POST parameters in SearchCustomer.php. Attackers can submit crafted SQL statements using UNION SELECT to extract sensitive database information including usernames, database names, and version details.
CVSS 8.2
CVE-2024-1186 EXPLOITDB LOW python WORKING POC
Munsoft Easy Archive Recovery - Improper Resource Release
A vulnerability classified as problematic was found in Munsoft Easy Archive Recovery 2.0. This vulnerability affects unknown code of the component Registration Key Handler. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252676. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVSS 3.3
CVE-2020-37173 EXPLOITDB HIGH text WORKING POC
AVideo Platform 8.1 - Info Disclosure
AVideo Platform 8.1 contains an information disclosure vulnerability that allows attackers to enumerate user details through the playlistsFromUser.json.php endpoint. Attackers can retrieve sensitive user information including email, password hash, and administrative status by manipulating the users_id parameter.
CVSS 7.5
CVE-2020-37172 EXPLOITDB MEDIUM text WORKING POC
AVideo Platform 8.1 - CSRF
AVideo Platform 8.1 contains a cross-site request forgery vulnerability that allows attackers to reset user passwords by exploiting the password recovery mechanism. Attackers can craft malicious requests to the recoverPass endpoint using the user's recovery token to change account credentials without authentication.
CVSS 5.3
CVE-2020-37163 EXPLOITDB HIGH text WORKING POC
QuickDate 1.3.2 - SQL Injection
QuickDate 1.3.2 contains a SQL injection vulnerability that allows remote attackers to manipulate database queries through the '_located' parameter in the find_matches endpoint. Attackers can inject UNION-based SQL statements to extract database information including user credentials, database name, and system version.
CVSS 8.2
CVE-2020-37158 EXPLOITDB MEDIUM text WORKING POC
AVideo Platform 8.1 - CSRF
AVideo Platform 8.1 contains a cross-site request forgery vulnerability that allows attackers to reset user passwords by exploiting the password recovery mechanism. Attackers can craft malicious requests to the recoverPass endpoint using the user's recovery token to change account credentials without authentication.
CVSS 5.3
CVE-2018-17399 EXPLOITDB CRITICAL text WORKING POC
Jimtawl 2.2.7 - SQL Injection
SQL Injection exists in the Jimtawl 2.2.7 component for Joomla! via the id parameter.
CVSS 9.8
CVE-2018-17398 EXPLOITDB CRITICAL perl WORKING POC
AMGallery 1.2.3 - SQL Injection
SQL Injection exists in the AMGallery 1.2.3 component for Joomla! via the filter_category_id parameter.
CVSS 9.8
CVE-2018-17393 EXPLOITDB CRITICAL text WORKING POC
HealthNode Hospital Management System 1.0 - SQL Injection
SQL Injection exists in HealthNode Hospital Management System 1.0 via the id parameter to dashboard/Patient/info.php or dashboard/Patient/patientdetails.php.
CVSS 9.8
CVE-2018-17389 EXPLOITDB HIGH text WORKING POC
Live Call Support App 1.5 - CSRF
CSRF exists in server.php in Live Call Support Application 1.5 for adding an admin account.
CVSS 8.8
CVE-2018-17388 EXPLOITDB CRITICAL text WORKING POC
Twilio WEB To Fax Machine System 1.0 - SQL Injection
SQL Injection exists in Twilio WEB To Fax Machine System 1.0 via the email or password parameter to login_check.php, or the id parameter to add_email.php or edit_content.php.
CVSS 9.8
CVE-2018-17387 EXPLOITDB HIGH html WORKING POC
Nimble Messaging Bulk SMS Marketing App 1.0 - CSRF
CSRF exists in Nimble Messaging Bulk SMS Marketing Application 1.0 for adding an admin account.
CVSS 8.8
CVE-2018-17381 EXPLOITDB CRITICAL text WORKING POC
Dutch Auction Factory 2.0.2 - SQL Injection
SQL Injection exists in the Dutch Auction Factory 2.0.2 component for Joomla! via the filter_order_Dir or filter_order parameter.
CVSS 9.8
CVE-2018-17374 EXPLOITDB CRITICAL text WORKING POC
Auction Factory 4.5.5 - SQL Injection
SQL Injection exists in the Auction Factory 4.5.5 component for Joomla! via the filter_order_Dir or filter_order parameter.
CVSS 9.8
CVE-2018-17386 EXPLOITDB CRITICAL text WORKING POC
Micro Deal Factory 2.4.0 - SQL Injection
SQL Injection exists in the Micro Deal Factory 2.4.0 component for Joomla! via the id parameter, or the PATH_INFO to mydeals/ or listdeals/.
CVSS 9.8
CVE-2018-18944 EXPLOITDB HIGH python WORKING POC
Artha - Memory Corruption
Artha ~ The Open Thesaurus 1.0.3.0 has a Buffer Overflow.
CVSS 7.5
CVE-2018-18802 EXPLOITDB HIGH text WORKING POC
Tubigan Welcome TO Our Resort - CSRF
The Tubigan "Welcome to our Resort" 1.0 software allows CSRF via admin/mod_users/controller.php?action=edit.
CVSS 8.8
CVE-2018-18758 EXPLOITDB CRITICAL text WORKING POC
Open Faculty Evaluation System - SQL Injection
Open Faculty Evaluation System 7 for PHP 7 allows submit_feedback.php SQL Injection, a different vulnerability than CVE-2018-18757.
CVSS 9.8
CVE-2018-18757 EXPLOITDB CRITICAL text WORKING POC
Open Faculty Evaluation System - SQL Injection
Open Faculty Evaluation System 5.6 for PHP 5.6 allows submit_feedback.php SQL Injection, a different vulnerability than CVE-2018-18758.
CVSS 9.8
CVE-2018-17843 EXPLOITDB CRITICAL text WORKING POC
ADD Clicking MLM Software <1.0 - SQL Injection
SQL injection exists in ADD Clicking MLM Software 1.0, Binary MLM Software 1.0, Level MLM Software 1.0, Singleleg MLM Software 1.0, Autopool MLM Software 1.0, Investment MLM Software 1.0, Bidding MLM Software 1.0, Moneyorder MLM Software 1.0, Repurchase MLM Software 1.0, and Gift MLM Software 1.0 via the member/readmsg.php msg_id parameter, the member/tree.php pid parameter, or the member/downline.php m_id parameter.
CVSS 9.8