Ihsan Sencan

964 exploits Active since Sep 2017
EIP-2026-106759 EXPLOITDB text WRITEUP
ECommerce-TIBSECART - Arbitrary File Upload
EIP-2026-106758 EXPLOITDB text WRITEUP
ECommerce-Multi-Vendor Software - Arbitrary File Upload
EIP-2026-106751 EXPLOITDB text WORKING POC
eCardMAX 10.5 - SQL Injection
EIP-2026-106338 EXPLOITDB text WORKING POC
Daily Deals Script 1.0 - 'id' SQL Injection
EIP-2026-106704 EXPLOITDB text WORKING POC
Easy Web Search 4.0 - SQL Injection
EIP-2026-106703 EXPLOITDB text WORKING POC
Easy Web Search 3 - 'id' SQL Injection
EIP-2026-106700 EXPLOITDB text WORKING POC
Easy Support Tools 1.0 - 'stt' SQL Injection
EIP-2026-106694 EXPLOITDB text WORKING POC
Easy File Uploader 1.2 - Arbitrary File Download
CVE-2018-5986 EXPLOITDB CRITICAL text WORKING POC
Easy Car Script 2014 - SQL Injection
SQL Injection exists in Easy Car Script 2014 via the s_order or s_row parameter to site_search.php.
CVSS 9.8
EIP-2026-106646 EXPLOITDB text WORKING POC
e-Soft24 Jokes Portal Script Seo 1.3 - Authentication Bypass
CVE-2017-15958 EXPLOITDB CRITICAL text WORKING POC
Domainzaar D-park Pro - SQL Injection
D-Park Pro Domain Parking Script 1.0 allows SQL Injection via the username to admin/loginform.php.
CVSS 9.8
EIP-2026-106637 EXPLOITDB text WORKING POC
E-Registrasi Pencak Silat 18.10 - 'id_partai' SQL Injection
CVE-2018-18801 EXPLOITDB CRITICAL text WORKING POC
Bsen Ordering Software - SQL Injection
The BSEN Ordering software 1.0 has SQL Injection via student/index.php?view=view&id=[SQL] or index.php?q=single-item&id=[SQL].
CVSS 9.8
CVE-2017-17610 EXPLOITDB CRITICAL text WORKING POC
E-commerce Mlm Software - SQL Injection
E-commerce MLM Software 1.0 has SQL Injection via the service_detail.php pid parameter, event_detail.php eventid parameter, or news_detail.php newid parameter.
CVSS 9.8
EIP-2026-106545 EXPLOITDB text WORKING POC
doorGets CMS 7.0 - Arbitrary File Download
CVE-2017-17594 EXPLOITDB CRITICAL text WORKING POC
Domainsale Php Script - SQL Injection
DomainSale PHP Script 1.0 has SQL Injection via the domain.php id parameter.
CVSS 9.8
EIP-2026-106538 EXPLOITDB text WORKING POC
Domains Marketplace Script 1.1 - Authentication Bypass
EIP-2026-106536 EXPLOITDB text WRITEUP
Domains & Hostings Manager PRO 3.0 - 'entries' SQL Injection
EIP-2026-106532 EXPLOITDB text WRITEUP
Domain Marketplace Script - SQL Injection
EIP-2026-106503 EXPLOITDB text WORKING POC
doitX 1.0 - 'search' SQL Injection
EIP-2026-106496 EXPLOITDB text WRITEUP
Document Management Template - 'hash' SQL Injection
CVE-2017-17611 EXPLOITDB CRITICAL text WORKING POC
Doctor Search Script - SQL Injection
Doctor Search Script 1.0 has SQL Injection via the /list city parameter.
CVSS 9.8
EIP-2026-106493 EXPLOITDB text WORKING POC
Doctor Patient Project 1.0 - SQL Injection
EIP-2026-106433 EXPLOITDB text WORKING POC
DeWorkshop 1.0 - SQL Injection
EIP-2026-106432 EXPLOITDB text WRITEUP
DeWorkshop 1.0 - Arbitrary File Upload