Ihsan Sencan

964 exploits Active since Sep 2017
CVE-2017-17642 EXPLOITDB CRITICAL html WORKING POC
Basic Job Site Script - SQL Injection
Basic Job Site Script 2.0.5 has SQL Injection via the keyword parameter to /job.
CVSS 9.8
CVE-2017-17608 EXPLOITDB CRITICAL text WORKING POC
Kindergarten - Elementary School Listing Script - SQL Injection
Child Care Script 1.0 has SQL Injection via the /list city parameter.
CVSS 9.8
CVE-2017-17609 EXPLOITDB CRITICAL text WORKING POC
Chartered Accountant Booking Script - SQL Injection
Chartered Accountant Booking Script 1.0 has SQL Injection via the /service-list city parameter.
CVSS 9.8
EIP-2026-105770 EXPLOITDB text WORKING POC
Cells Blog 3.5 - 'bgid' / 'fmid' / 'fnid' SQL Injection
CVE-2017-14703 EXPLOITDB CRITICAL perl WORKING POC
Cash Back Comparison Script 1.0 - SQL Injection
SQL injection vulnerability in Cash Back Comparison Script 1.0 allows remote attackers to execute arbitrary SQL commands via the PATH_INFO to search/.
CVSS 9.8
EIP-2026-105137 EXPLOITDB text WORKING POC
Alstrasoft Video Share Enterprise 4.72 - SQL Injection
EIP-2026-105136 EXPLOITDB perl WORKING POC
Alstrasoft Template Seller Pro 3.25e - 'tempid' SQL Injection
EIP-2026-105135 EXPLOITDB text WRITEUP
Alstrasoft ProTaxi Enterprise 3.5 - Arbitrary File Upload
EIP-2026-105134 EXPLOITDB text WRITEUP
Alstrasoft Forum Pay Per Post Exchange Script 2.01 - SQL Injection
EIP-2026-105133 EXPLOITDB html WORKING POC
Alstrasoft FMyLife Pro 1.02 - Cross-Site Request Forgery (Add Admin)
EIP-2026-105129 EXPLOITDB text WRITEUP
Alstrasoft e-Friends 5.12 - SQL Injection
CVE-2017-17600 EXPLOITDB CRITICAL text WORKING POC
Basic B2b Script - SQL Injection
Basic B2B Script 2.0.8 has SQL Injection via the product_details.php id parameter.
CVSS 9.8
CVE-2017-15985 EXPLOITDB CRITICAL text WORKING POC
Readymadeb2bscript Basic B2b Script - SQL Injection
Basic B2B Script allows SQL Injection via the product_view1.php pid or id parameter.
CVSS 9.8
CVE-2018-18804 EXPLOITDB CRITICAL text WORKING POC
Bakeshop Inventory System - SQL Injection
Bakeshop Inventory System 1.0 has SQL injection via the login screen, related to include/publicfunction.vb.
CVSS 9.8
EIP-2026-105370 EXPLOITDB text WORKING POC
Babysitter Website Script 1.0 - SQL Injection
EIP-2026-105355 EXPLOITDB text WORKING POC
B2B Marketplace Script 2.0 - SQL Injection
EIP-2026-105353 EXPLOITDB text WORKING POC
B2B Alibaba Clone Script - 'IndustryID' SQL Injection
EIP-2026-105315 EXPLOITDB text WORKING POC
Automated Job Portal Script - SQL Injection
EIP-2026-105297 EXPLOITDB text WRITEUP
Audiojungle Clone Script - SQL Injection
EIP-2026-105295 EXPLOITDB text WRITEUP
Auction Website Script - SQL Injection
EIP-2026-105258 EXPLOITDB text WORKING POC
Asaancart Simple PHP Shopping Cart 0.9 - Arbitrary File Upload / SQL Injection
EIP-2026-105238 EXPLOITDB text WRITEUP
Article Directory Script Seo 3.2 - Improper Access Restrictions
CVE-2017-15960 EXPLOITDB CRITICAL text WORKING POC
Yourarticlesdirectory Article Directory Script - SQL Injection
Article Directory Script 3.0 allows SQL Injection via the id parameter to author.php or category.php.
CVSS 9.8
CVE-2017-15978 EXPLOITDB CRITICAL text WRITEUP
Arox School Erp Php Script - SQL Injection
AROX School ERP PHP Script 1.0 allows SQL Injection via the office_admin/ id parameter.
CVSS 9.8
EIP-2026-105228 EXPLOITDB text WORKING POC
Architectural 1.0 - 'email' SQL Injection