Ihsan Sencan

985 exploits Active since Sep 2017
EIP-2026-105770 EXPLOITDB text WORKING POC
Cells Blog 3.5 - 'bgid' / 'fmid' / 'fnid' SQL Injection
CVE-2017-14703 EXPLOITDB CRITICAL perl WORKING POC
Cash Back Comparison Script 1.0 - SQL Injection
SQL injection vulnerability in Cash Back Comparison Script 1.0 allows remote attackers to execute arbitrary SQL commands via the PATH_INFO to search/.
CVSS 9.8
EIP-2026-105137 EXPLOITDB text WORKING POC
Alstrasoft Video Share Enterprise 4.72 - SQL Injection
EIP-2026-105136 EXPLOITDB perl WORKING POC
Alstrasoft Template Seller Pro 3.25e - 'tempid' SQL Injection
EIP-2026-105135 EXPLOITDB text WRITEUP
Alstrasoft ProTaxi Enterprise 3.5 - Arbitrary File Upload
EIP-2026-105134 EXPLOITDB text WRITEUP
Alstrasoft Forum Pay Per Post Exchange Script 2.01 - SQL Injection
EIP-2026-105133 EXPLOITDB html WORKING POC
Alstrasoft FMyLife Pro 1.02 - Cross-Site Request Forgery (Add Admin)
EIP-2026-105129 EXPLOITDB text WRITEUP
Alstrasoft e-Friends 5.12 - SQL Injection
CVE-2017-17600 EXPLOITDB CRITICAL text WORKING POC
Basic B2B Script 2.0.8 - SQL Injection via product_details.php id Parameter
Basic B2B Script 2.0.8 has SQL Injection via the product_details.php id parameter.
CVSS 9.8
CVE-2017-15985 EXPLOITDB CRITICAL text WORKING POC
Basic B2B Script - SQL Injection via product_view1.php pid or id Parameter
Basic B2B Script allows SQL Injection via the product_view1.php pid or id parameter.
CVSS 9.8
CVE-2018-18804 EXPLOITDB CRITICAL text WORKING POC
Bakeshop Inventory System 1.0 - SQL Injection via Login Screen
Bakeshop Inventory System 1.0 has SQL injection via the login screen, related to include/publicfunction.vb.
CVSS 9.8
EIP-2026-105370 EXPLOITDB text WORKING POC
Babysitter Website Script 1.0 - SQL Injection
EIP-2026-105355 EXPLOITDB text WORKING POC
B2B Marketplace Script 2.0 - SQL Injection
EIP-2026-105353 EXPLOITDB text WORKING POC
B2B Alibaba Clone Script - 'IndustryID' SQL Injection
EIP-2026-105315 EXPLOITDB text WORKING POC
Automated Job Portal Script - SQL Injection
EIP-2026-105297 EXPLOITDB text WRITEUP
Audiojungle Clone Script - SQL Injection
EIP-2026-105295 EXPLOITDB text WRITEUP
Auction Website Script - SQL Injection
EIP-2026-105258 EXPLOITDB text WORKING POC
Asaancart Simple PHP Shopping Cart 0.9 - Arbitrary File Upload / SQL Injection
EIP-2026-105238 EXPLOITDB text WRITEUP
Article Directory Script Seo 3.2 - Improper Access Restrictions
CVE-2017-15960 EXPLOITDB CRITICAL text WORKING POC
Article Directory Script 3.0 - SQL Injection via id Parameter
Article Directory Script 3.0 allows SQL Injection via the id parameter to author.php or category.php.
CVSS 9.8
CVE-2017-15978 EXPLOITDB CRITICAL text WRITEUP
AROX School ERP PHP Script 1.0 - SQL Injection via Office Admin ID Parameter
AROX School ERP PHP Script 1.0 allows SQL Injection via the office_admin/ id parameter.
CVSS 9.8
EIP-2026-105228 EXPLOITDB text WORKING POC
Architectural 1.0 - 'email' SQL Injection
EIP-2026-105210 EXPLOITDB text WORKING POC
Appsource School Management System 1.0 - 'student_id' SQL Injection
EIP-2026-105206 EXPLOITDB text WRITEUP
Appointment Script - SQL Injection
CVE-2017-14841 EXPLOITDB MEDIUM text WRITEUP
Mojoomla AMC - Arbitrary File Upload
Mojoomla Annual Maintenance Contract (AMC) Management System allows Arbitrary File Upload in profilesetting image handling.
CVSS 6.5