Ihsan Sencan

1,027 exploits Active since Sep 2017
EIP-2026-105721 EXPLOITDB text WORKING POC
Car Workshop System - SQL Injection
CVE-2017-17637 EXPLOITDB CRITICAL text WORKING POC
Car Rental Script 2.0.4 - SQL Injection via countrycode1.php val Parameter
Car Rental Script 2.0.4 has SQL Injection via the countrycode1.php val parameter.
CVSS 9.8
EIP-2026-105692 EXPLOITDB text WRITEUP
Calendar Template 2.0 - 'editid1' SQL Injection
CVE-2017-17601 EXPLOITDB CRITICAL text WORKING POC
Cab Booking Script 1.0 - SQL Injection via Service-List City Parameter
Cab Booking Script 1.0 has SQL Injection via the /service-list city parameter.
CVSS 9.8
EIP-2026-105663 EXPLOITDB text WORKING POC
Buy and Sell Market Place Software - SQL Injection
EIP-2026-105658 EXPLOITDB text WRITEUP
Business Directory Script - SQL Injection
EIP-2026-105657 EXPLOITDB text WORKING POC
Busewe 1.2 - SQL Injection
CVE-2017-17645 EXPLOITDB CRITICAL html WORKING POC
Bus Booking Script 1.0 - SQL Injection via txtname Parameter
Bus Booking Script 1.0 has SQL Injection via the txtname parameter to admin/index.php.
CVSS 9.8
CVE-2018-6367 EXPLOITDB CRITICAL text WORKING POC
Vastal I-Tech Buddy Zone Facebook Clone 2.9.9 - SQL Injection via chat_window.php or search_events.php
SQL Injection exists in Vastal I-Tech Buddy Zone Facebook Clone 2.9.9 via the /chat_im/chat_window.php request_id parameter or the /search_events.php category parameter.
CVSS 9.8
EIP-2026-105485 EXPLOITDB text WRITEUP
BistroStays 3.0 - 'guests' SQL Injection
CVE-2017-17876 EXPLOITDB HIGH text WORKING POC
Biometric Shift EMS 3.0 - Auth Bypass
Biometric Shift Employee Management System 3.0 allows remote attackers to bypass intended file-read restrictions via a user=download request with a pathname in the path parameter.
CVSS 7.5
EIP-2026-105482 EXPLOITDB text WORKING POC
Binary MLM Software 1.0 - 'pid' SQL Injection
EIP-2026-105468 EXPLOITDB text WORKING POC
Bigcart - Ecommerce Multivendor System 1.0 - SQL Injection
CVE-2017-17595 EXPLOITDB CRITICAL text WORKING POC
Beauty Parlour Booking Script 1.0 - SQL Injection via Gender or City Parameter
Beauty Parlour Booking Script 1.0 has SQL Injection via the /list gender or city parameter.
CVSS 9.8
CVE-2017-17642 EXPLOITDB CRITICAL html WORKING POC
Basic Job Site Script 2.0.5 - SQL Injection via Keyword Parameter
Basic Job Site Script 2.0.5 has SQL Injection via the keyword parameter to /job.
CVSS 9.8
CVE-2017-17608 EXPLOITDB CRITICAL text WORKING POC
Child Care Script 1.0 - SQL Injection via City Parameter
Child Care Script 1.0 has SQL Injection via the /list city parameter.
CVSS 9.8
CVE-2017-17609 EXPLOITDB CRITICAL text WORKING POC
Chartered Accountant Booking Script 1.0 - SQL Injection via Service-List City Parameter
Chartered Accountant Booking Script 1.0 has SQL Injection via the /service-list city parameter.
CVSS 9.8
EIP-2026-105770 EXPLOITDB text WORKING POC
Cells Blog 3.5 - 'bgid' / 'fmid' / 'fnid' SQL Injection
CVE-2017-14703 EXPLOITDB CRITICAL perl WORKING POC
Cash Back Comparison Script 1.0 - SQL Injection
SQL injection vulnerability in Cash Back Comparison Script 1.0 allows remote attackers to execute arbitrary SQL commands via the PATH_INFO to search/.
CVSS 9.8
EIP-2026-105137 EXPLOITDB text WORKING POC
Alstrasoft Video Share Enterprise 4.72 - SQL Injection
EIP-2026-105136 EXPLOITDB perl WORKING POC
Alstrasoft Template Seller Pro 3.25e - 'tempid' SQL Injection
EIP-2026-105135 EXPLOITDB text WRITEUP
Alstrasoft ProTaxi Enterprise 3.5 - Arbitrary File Upload
EIP-2026-105134 EXPLOITDB text WRITEUP
Alstrasoft Forum Pay Per Post Exchange Script 2.01 - SQL Injection
EIP-2026-105133 EXPLOITDB html WORKING POC
Alstrasoft FMyLife Pro 1.02 - Cross-Site Request Forgery (Add Admin)
EIP-2026-105129 EXPLOITDB text WRITEUP
Alstrasoft e-Friends 5.12 - SQL Injection