Ihsan Sencan

964 exploits Active since Sep 2017
CVE-2018-17842 EXPLOITDB CRITICAL text WORKING POC
Scriptzee Hotel Booking Engine 1.0 - SQL Injection
SQL injection exists in Scriptzee Hotel Booking Engine 1.0 via the hotels h_room_type parameter.
CVSS 9.8
CVE-2018-17841 EXPLOITDB CRITICAL text SUSPICIOUS
Scriptzee Flippa Marketplace Clone 1.0 - SQL Injection
SQL injection exists in Scriptzee Flippa Marketplace Clone 1.0 via the site-search sortBy or sortDir parameter.
CVSS 9.8
CVE-2018-17840 EXPLOITDB CRITICAL text WORKING POC
Scriptzee Education Website 1.0 - SQL Injection
SQL injection exists in Scriptzee Education Website 1.0 via the college_list.html subject, city, or country parameter.
CVSS 9.8
CVE-2017-20081 EXPLOITDB MEDIUM text WORKING POC
Hindu Matrimonial Script - Privilege Escalation
A vulnerability, which was classified as critical, was found in Hindu Matrimonial Script. This affects an unknown part of the file /admin/reports.php. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS 6.3
CVE-2017-20080 EXPLOITDB MEDIUM text WORKING POC
Hindu Matrimonial Script - Privilege Escalation
A vulnerability, which was classified as critical, has been found in Hindu Matrimonial Script. Affected by this issue is some unknown functionality of the file /admin/googleads.php. The manipulation leads to improper privilege management. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS 6.3
CVE-2017-20079 EXPLOITDB MEDIUM text WORKING POC
Hindu Matrimonial Script - Privilege Escalation
A vulnerability classified as critical was found in Hindu Matrimonial Script. Affected by this vulnerability is an unknown functionality of the file /admin/photo.php. The manipulation leads to improper privilege management. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS 6.3
CVE-2017-20078 EXPLOITDB MEDIUM text WORKING POC
Hindu Matrimonial Script - Privilege Escalation
A vulnerability classified as critical has been found in Hindu Matrimonial Script. Affected is an unknown function of the file /admin/featured.php. The manipulation leads to improper privilege management. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS 6.3
CVE-2017-20077 EXPLOITDB MEDIUM text WORKING POC
Hindu Matrimonial Script - Privilege Escalation
A vulnerability was found in Hindu Matrimonial Script. It has been rated as critical. This issue affects some unknown processing of the file /admin/success_story.php. The manipulation leads to improper privilege management. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS 6.3
CVE-2017-20076 EXPLOITDB MEDIUM text WORKING POC
Hindu Matrimonial Script - Privilege Escalation
A vulnerability was found in Hindu Matrimonial Script. It has been declared as critical. This vulnerability affects unknown code of the file /admin/searchview.php. The manipulation leads to improper privilege management. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS 6.3
CVE-2017-20075 EXPLOITDB MEDIUM text WORKING POC
Hindu Matrimonial Script - Privilege Escalation
A vulnerability was found in Hindu Matrimonial Script. It has been classified as critical. This affects an unknown part of the file /admin/payment.php. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS 6.3
CVE-2017-20074 EXPLOITDB MEDIUM text WORKING POC
Hindu Matrimonial Script - Privilege Escalation
A vulnerability was found in Hindu Matrimonial Script and classified as critical. Affected by this issue is some unknown functionality of the file /admin/newsletter1.php. The manipulation leads to improper privilege management. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS 6.3
CVE-2017-20073 EXPLOITDB MEDIUM text WORKING POC
Hindu Matrimonial Script - Privilege Escalation
A vulnerability has been found in Hindu Matrimonial Script and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/cms.php. The manipulation leads to improper privilege management. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS 6.3
CVE-2017-20072 EXPLOITDB MEDIUM text WORKING POC
Hindu Matrimonial Script - Privilege Escalation
A vulnerability, which was classified as critical, was found in Hindu Matrimonial Script. Affected is an unknown function of the file /admin/generalsettings.php. The manipulation leads to improper privilege management. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS 6.3
CVE-2017-20071 EXPLOITDB MEDIUM text WORKING POC
Hindu Matrimonial Script - Privilege Escalation
A vulnerability, which was classified as critical, has been found in Hindu Matrimonial Script. This issue affects some unknown processing of the file /admin/renewaldue.php. The manipulation leads to improper privilege management. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS 6.3
CVE-2017-20070 EXPLOITDB MEDIUM text WORKING POC
Hindu Matrimonial Script - Privilege Escalation
A vulnerability classified as critical was found in Hindu Matrimonial Script. This vulnerability affects unknown code of the file /admin/communitymanagement.php. The manipulation leads to improper privilege management. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS 6.3
CVE-2017-20069 EXPLOITDB MEDIUM text WORKING POC
Hindu Matrimonial Script - Privilege Escalation
A vulnerability classified as critical has been found in Hindu Matrimonial Script. This affects an unknown part of the file /admin/countrymanagement.php. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS 6.3
CVE-2017-20068 EXPLOITDB MEDIUM text WORKING POC
Hindu Matrimonial Script - Privilege Escalation
A vulnerability was found in Hindu Matrimonial Script. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/usermanagement.php. The manipulation leads to improper privilege management. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS 6.3
CVE-2017-20067 EXPLOITDB HIGH text WORKING POC
Hindu Matrimonial Script - SQL Injection
A vulnerability was found in Hindu Matrimonial Script. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/. The manipulation of the argument username/password with the input 'or''=' leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS 7.3
CVE-2018-18527 EXPLOITDB CRITICAL text WORKING POC
Owndms Ownticket - SQL Injection
OwnTicket 2018-05-23 allows SQL Injection via the showTicketId or editTicketStatusId parameter.
CVSS 9.8
CVE-2018-17988 EXPLOITDB CRITICAL text WORKING POC
Layerbb - SQL Injection
LayerBB 1.1.1 and 1.1.3 has SQL Injection via the search.php search_query parameter.
CVSS 9.8
CVE-2017-20196 EXPLOITDB MEDIUM text WRITEUP
Itechscripts School Management Software 2.75 - SQL Injection
A vulnerability was found in Itechscripts School Management Software 2.75. It has been classified as critical. This affects an unknown part of the file /notice-edit.php. The manipulation of the argument aid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS 6.3
CVE-2017-20128 EXPLOITDB HIGH text WORKING POC
KB Messages PHP Script 1.0 - SQL Injection
A vulnerability has been found in KB Messages PHP Script 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument username/password with the input 'or''=' leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS 7.3
CVE-2017-20127 EXPLOITDB HIGH text WORKING POC
KB Login Authentication Script 1.1 - SQL Injection
A vulnerability was found in KB Login Authentication Script 1.1 and classified as critical. Affected by this issue is some unknown functionality. The manipulation of the argument username/password with the input 'or''=' leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS 7.3
CVE-2017-20126 EXPLOITDB HIGH text WORKING POC
KB Affiliate Referral Script 1.0 - SQL Injection
A vulnerability was found in KB Affiliate Referral Script 1.0. It has been classified as critical. This affects an unknown part of the file /index.php. The manipulation of the argument username/password with the input 'or''=' leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS 7.3
CVE-2017-20125 EXPLOITDB MEDIUM text WRITEUP
Online Hotel Booking System Pro 1.2 - SQL Injection
A vulnerability classified as critical was found in Online Hotel Booking System Pro 1.2. Affected by this vulnerability is an unknown functionality of the file /roomtype-details.php. The manipulation of the argument tid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS 6.3