Ihsan Sencan

964 exploits Active since Sep 2017
CVE-2017-20124 EXPLOITDB MEDIUM text WRITEUP
Online Hotel Booking System Pro Plugin 1.0 - SQL Injection
A vulnerability classified as critical has been found in Online Hotel Booking System Pro Plugin 1.0. Affected is an unknown function of the file /front/roomtype-details.php. The manipulation of the argument tid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS 6.3
CVE-2017-12761 EXPLOITDB HIGH text WORKING POC
Webfile Explorer - SQL Injection
http://codecanyon.net/user/Endober WebFile Explorer 1.0 is affected by: SQL Injection. The impact is: Arbitrary File Download (remote). The component is: $file = $_GET['id'] in download.php. The attack vector is: http://speicher.example.com/envato/codecanyon/demo/web-file-explorer/download.php?id=WebExplorer/../config.php.
CVSS 7.5
CVE-2017-12760 EXPLOITDB HIGH text WRITEUP
Ynetinteractive Mobiketa - SQL Injection
Ynet Interactive - http://demo.ynetinteractive.com/mobiketa/ Mobiketa 4.0 is affected by: SQL Injection. The impact is: Code execution (remote).
CVSS 8.8
CVE-2017-12759 EXPLOITDB CRITICAL text WORKING POC
Ynetinteractive Soa School Management - SQL Injection
Ynet Interactive - http://demo.ynetinteractive.com/soa/ SOA School Management 3.0 is affected by: SQL Injection. The impact is: Code execution (remote).
CVSS 9.8
CVE-2017-12758 EXPLOITDB CRITICAL text WORKING POC
Joomlaextensions Component Appointment - SQL Injection
https://www.joomlaextensions.co.in/ Joomla! Component Appointment 1.1 is affected by: SQL Injection. The impact is: Code execution (remote). The component is: com_appointment component.
CVSS 9.8
CVE-2017-12757 EXPLOITDB CRITICAL text WORKING POC
Ambittechnologies Itech B2b Script - SQL Injection
Certain Ambit Technologies Pvt. Ltd products are affected by: SQL Injection. This affects iTech B2B Script 4.42i and Tech Business Networking Script 8.26i and Tech Caregiver Script 2.71i and Tech Classifieds Script 7.41i and Tech Dating Script 3.40i and Tech Freelancer Script 5.27i and Tech Image Sharing Script 4.13i and Tech Job Script 9.27i and Tech Movie Script 7.51i and Tech Multi Vendor Script 6.63i and Tech Social Networking Script 3.08i and Tech Travel Script 9.49. The impact is: Code execution (remote).
CVSS 9.8
EIP-2026-119607 EXPLOITDB python WORKING POC
Notepad3 1.0.2.350 - Denial of Service (PoC)
EIP-2026-119623 EXPLOITDB python WORKING POC
WinMTR 0.91 - Denial of Service (PoC)
EIP-2026-119593 EXPLOITDB python WORKING POC
Local Server 1.0.9 - Denial of Service (PoC)
EIP-2026-119584 EXPLOITDB text WORKING POC
Easy Outlook Express Recovery 2.0 - Denial of Service (PoC)
EIP-2026-119625 EXPLOITDB python WORKING POC
Zint Barcode Generator 2.6 - Denial of Service (PoC)
EIP-2026-119651 EXPLOITDB WORKING POC
School Equipment Monitoring System 1.0 - 'login' SQL Injection
EIP-2026-119402 EXPLOITDB text WORKING POC
MGB OpenSource Guestbook 0.7.0.2 - 'id' SQL Injection
EIP-2026-119576 EXPLOITDB python WORKING POC
Blue Server 1.1 - Denial of Service (PoC)
EIP-2026-119577 EXPLOITDB python WORKING POC
BORGChat 1.0.0 build 438 - Denial of Service (PoC)
EIP-2026-119579 EXPLOITDB python WORKING POC
CdCatalog 2.3.1 - Denial of Service (PoC)
EIP-2026-116232 EXPLOITDB python WORKING POC
Selfie Studio 2.17 - Denial of Service (PoC)
EIP-2026-116231 EXPLOITDB python WORKING POC
Selfie Studio 2.17 - Denial of Service (PoC)
CVE-2018-18759 EXPLOITDB HIGH text WORKING POC
Modbustools Modbus Slave - Memory Corruption
Modbus Slave 7.0.0 in modbus tools has a Buffer Overflow.
CVSS 7.5
EIP-2026-114626 EXPLOITDB text WORKING POC
Zigaform - SQL Injection
CVE-2017-15993 EXPLOITDB CRITICAL text WORKING POC
Zomato Clone Script - SQL Injection
Zomato Clone Script allows SQL Injection via the restaurant-menu.php resid parameter.
CVSS 9.8
CVE-2017-17630 EXPLOITDB CRITICAL text WORKING POC
Yoga Class Script - SQL Injection
Yoga Class Script 1.0 has SQL Injection via the /list city parameter.
CVSS 9.8
EIP-2026-114534 EXPLOITDB text WRITEUP
Yoga and Fitness Website Script - SQL Injection
EIP-2026-114537 EXPLOITDB text WORKING POC
Yot CMS 3.3.1 - 'aid' SQL Injection
EIP-2026-114550 EXPLOITDB text WRITEUP
Youtube Analytics Multi Channel 3.0 - SQL Injection