Ihsan Sencan

985 exploits Active since Sep 2017
CVE-2018-25163 EXPLOITDB HIGH text WORKING POC
BitZoom 1.0 - Unauthenticated SQL Injection via rollno Parameter
BitZoom 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the rollno and username parameters in forgot.php and login.php. Attackers can submit crafted POST requests with SQL UNION statements to extract database schema information and table contents from the application database.
CVSS 8.2
CVE-2018-25162 EXPLOITDB MEDIUM text WORKING POC
2-Plan Team 1.0.4 - Authenticated RCE
2-Plan Team 1.0.4 contains an arbitrary file upload vulnerability that allows authenticated attackers to upload executable PHP files by sending multipart form data to managefile.php. Attackers can upload PHP files through the userfile1 parameter with action=upload, which are stored in the files directory and executed by the web server for remote code execution.
CVSS 6.5
CVE-2018-25161 EXPLOITDB HIGH text WORKING POC
Warranty Tracking System 11.06.3 - SQL Injection
Warranty Tracking System 11.06.3 contains an SQL injection vulnerability that allows attackers to execute arbitrary SQL queries by injecting malicious code through the txtCustomerCode, txtCustomerName, and txtPhone POST parameters in SearchCustomer.php. Attackers can submit crafted SQL statements using UNION SELECT to extract sensitive database information including usernames, database names, and version details.
CVSS 8.2
CVE-2024-1186 EXPLOITDB LOW python WORKING POC
Munsoft Easy Archive Recovery 2.0 - Denial of Service in Registration Key Handler
A vulnerability classified as problematic was found in Munsoft Easy Archive Recovery 2.0. This vulnerability affects unknown code of the component Registration Key Handler. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252676. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVSS 3.3
CVE-2020-37173 EXPLOITDB HIGH text WORKING POC
AVideo Platform 8.1 - Info Disclosure
AVideo Platform 8.1 contains an information disclosure vulnerability that allows attackers to enumerate user details through the playlistsFromUser.json.php endpoint. Attackers can retrieve sensitive user information including email, password hash, and administrative status by manipulating the users_id parameter.
CVSS 7.5
CVE-2020-37172 EXPLOITDB MEDIUM text WORKING POC
AVideo Platform 8.1 - Cross-Site Request Forgery in Password Recovery Mechanism
AVideo Platform 8.1 contains a cross-site request forgery vulnerability that allows attackers to reset user passwords by exploiting the password recovery mechanism. Attackers can craft malicious requests to the recoverPass endpoint using the user's recovery token to change account credentials without authentication.
CVSS 5.3
CVE-2020-37163 EXPLOITDB HIGH text WORKING POC
QuickDate 1.3.2 - SQL Injection via _located Parameter
QuickDate 1.3.2 contains a SQL injection vulnerability that allows remote attackers to manipulate database queries through the '_located' parameter in the find_matches endpoint. Attackers can inject UNION-based SQL statements to extract database information including user credentials, database name, and system version.
CVSS 8.2
CVE-2020-37158 EXPLOITDB MEDIUM text WORKING POC
AVideo Platform 8.1 - Cross-Site Request Forgery via Password Recovery Mechanism
AVideo Platform 8.1 contains a cross-site request forgery vulnerability that allows attackers to reset user passwords by exploiting the password recovery mechanism. Attackers can craft malicious requests to the recoverPass endpoint using the user's recovery token to change account credentials without authentication.
CVSS 5.3
CVE-2018-17399 EXPLOITDB CRITICAL text WORKING POC
jimtawl 2.2.7 - SQL Injection via id Parameter
SQL Injection exists in the Jimtawl 2.2.7 component for Joomla! via the id parameter.
CVSS 9.8
CVE-2018-17398 EXPLOITDB CRITICAL perl WORKING POC
arenam AMGallery 1.2.3 - SQL Injection via filter_category_id Parameter
SQL Injection exists in the AMGallery 1.2.3 component for Joomla! via the filter_category_id parameter.
CVSS 9.8
CVE-2018-17393 EXPLOITDB CRITICAL text WORKING POC
HealthNode Hospital Management System 1.0 - SQL Injection
SQL Injection exists in HealthNode Hospital Management System 1.0 via the id parameter to dashboard/Patient/info.php or dashboard/Patient/patientdetails.php.
CVSS 9.8
CVE-2018-17389 EXPLOITDB HIGH text WORKING POC
Live Call Support Application 1.5 - Cross-Site Request Forgery in server.php
CSRF exists in server.php in Live Call Support Application 1.5 for adding an admin account.
CVSS 8.8
CVE-2018-17388 EXPLOITDB CRITICAL text WORKING POC
Twilio WEB To Fax Machine System 1.0 - SQL Injection
SQL Injection exists in Twilio WEB To Fax Machine System 1.0 via the email or password parameter to login_check.php, or the id parameter to add_email.php or edit_content.php.
CVSS 9.8
CVE-2018-17387 EXPLOITDB HIGH html WORKING POC
Nimble Messaging Bulk SMS Marketing App 1.0 - CSRF
CSRF exists in Nimble Messaging Bulk SMS Marketing Application 1.0 for adding an admin account.
CVSS 8.8
CVE-2018-17381 EXPLOITDB CRITICAL text WORKING POC
Dutch Auction Factory 2.0.2 - SQL Injection
SQL Injection exists in the Dutch Auction Factory 2.0.2 component for Joomla! via the filter_order_Dir or filter_order parameter.
CVSS 9.8
CVE-2018-17374 EXPLOITDB CRITICAL text WORKING POC
Auction Factory 4.5.5 - SQL Injection
SQL Injection exists in the Auction Factory 4.5.5 component for Joomla! via the filter_order_Dir or filter_order parameter.
CVSS 9.8
CVE-2018-17386 EXPLOITDB CRITICAL text WORKING POC
Micro Deal Factory 2.4.0 - SQL Injection
SQL Injection exists in the Micro Deal Factory 2.4.0 component for Joomla! via the id parameter, or the PATH_INFO to mydeals/ or listdeals/.
CVSS 9.8
CVE-2018-18944 EXPLOITDB HIGH python WORKING POC
Artha 1.0.3.0 - Buffer Overflow
Artha ~ The Open Thesaurus 1.0.3.0 has a Buffer Overflow.
CVSS 7.5
CVE-2018-18802 EXPLOITDB HIGH text WORKING POC
Welcome to our Resort 1.0 - Cross-Site Request Forgery via User Edit Action
The Tubigan "Welcome to our Resort" 1.0 software allows CSRF via admin/mod_users/controller.php?action=edit.
CVSS 8.8
CVE-2018-18758 EXPLOITDB CRITICAL text WORKING POC
Open Faculty Evaluation System 7 - SQL Injection via submit_feedback.php
Open Faculty Evaluation System 7 for PHP 7 allows submit_feedback.php SQL Injection, a different vulnerability than CVE-2018-18757.
CVSS 9.8
CVE-2018-18757 EXPLOITDB CRITICAL text WORKING POC
Open Faculty Evaluation System 5.6 - SQL Injection via submit_feedback.php
Open Faculty Evaluation System 5.6 for PHP 5.6 allows submit_feedback.php SQL Injection, a different vulnerability than CVE-2018-18758.
CVSS 9.8
CVE-2018-17843 EXPLOITDB CRITICAL text WORKING POC
ADD Clicking MLM Software <1.0 - SQL Injection
SQL injection exists in ADD Clicking MLM Software 1.0, Binary MLM Software 1.0, Level MLM Software 1.0, Singleleg MLM Software 1.0, Autopool MLM Software 1.0, Investment MLM Software 1.0, Bidding MLM Software 1.0, Moneyorder MLM Software 1.0, Repurchase MLM Software 1.0, and Gift MLM Software 1.0 via the member/readmsg.php msg_id parameter, the member/tree.php pid parameter, or the member/downline.php m_id parameter.
CVSS 9.8
CVE-2018-17842 EXPLOITDB CRITICAL text WORKING POC
Scriptzee Hotel Booking Engine 1.0 - SQL Injection
SQL injection exists in Scriptzee Hotel Booking Engine 1.0 via the hotels h_room_type parameter.
CVSS 9.8
CVE-2018-17841 EXPLOITDB CRITICAL text SUSPICIOUS
Scriptzee Flippa Marketplace Clone 1.0 - SQL Injection
SQL injection exists in Scriptzee Flippa Marketplace Clone 1.0 via the site-search sortBy or sortDir parameter.
CVSS 9.8
CVE-2018-17840 EXPLOITDB CRITICAL text WORKING POC
Scriptzee Education Website 1.0 - SQL Injection
SQL injection exists in Scriptzee Education Website 1.0 via the college_list.html subject, city, or country parameter.
CVSS 9.8