Ihsan Sencan

964 exploits Active since Sep 2017
CVE-2017-15976 EXPLOITDB CRITICAL text WORKING POC
Zeescripts Zeebuddy - SQL Injection
ZeeBuddy 2x allows SQL Injection via the admin/editadgroup.php groupid parameter, a different vulnerability than CVE-2008-3604.
CVSS 9.8
EIP-2026-114550 EXPLOITDB text WRITEUP
Youtube Analytics Multi Channel 3.0 - SQL Injection
EIP-2026-114534 EXPLOITDB text WRITEUP
Yoga and Fitness Website Script - SQL Injection
CVE-2017-14843 EXPLOITDB HIGH text WORKING POC
Mojoomla School Mgmt - SQL Injection
Mojoomla School Management System for WordPress allows SQL Injection via the id parameter.
CVSS 8.8
CVE-2017-14847 EXPLOITDB HIGH text WORKING POC
Dasinfomedia Mojoomla WPAMS Apartment Management System for WordPress - SQL Injection
Mojoomla WPAMS Apartment Management System for WordPress allows SQL Injection via the id parameter.
CVSS 8.8
CVE-2017-14845 EXPLOITDB HIGH text WORKING POC
Mojoomla WPCHURCH < - SQL Injection
Mojoomla WPCHURCH Church Management System for WordPress allows SQL Injection via the id parameter.
CVSS 8.8
CVE-2017-14844 EXPLOITDB HIGH text WORKING POC
Mojoomla WPGYM <WordPress> - SQL Injection
Mojoomla WPGYM WordPress Gym Management System allows SQL Injection via the id parameter.
CVSS 8.8
EIP-2026-114520 EXPLOITDB text WORKING POC
Yellow Pages Script 3.2 - 'category_id' SQL Injection
EIP-2026-114499 EXPLOITDB text WORKING POC
Yacht Listing Script 2.0 - SQL Injection
EIP-2026-114400 EXPLOITDB text WORKING POC
WYSIWYG HTML Editor PRO 1.0 - Arbitrary File Download
EIP-2026-114519 EXPLOITDB text WORKING POC
Yellow Pages Clone Script 1.3.4 - SQL Injection
CVE-2017-14848 EXPLOITDB HIGH text WORKING POC
WPHRM 1.0 - SQL Injection
WPHRM Human Resource Management System for WordPress 1.0 allows SQL Injection via the employee_id parameter.
CVSS 8.8
EIP-2026-113875 EXPLOITDB text WORKING POC
WordPress Plugin Mac Photo Gallery 3.0 - Arbitrary File Download
EIP-2026-113962 EXPLOITDB text WORKING POC
WordPress Plugin PICA Photo Gallery 1.0 - SQL Injection
CVE-2017-14846 EXPLOITDB HIGH text WORKING POC
Mojoomla Hospital Management System for WordPress - SQL Injection
Mojoomla Hospital Management System for WordPress allows SQL Injection via the id parameter.
CVSS 8.8
EIP-2026-113428 EXPLOITDB text WORKING POC
Wikidforum 2.20 - 'message_id' SQL Injection
EIP-2026-113567 EXPLOITDB text WORKING POC
WordPress Plugin Apptha Slider Gallery 1.0 - Arbitrary File Download
EIP-2026-113568 EXPLOITDB text WORKING POC
WordPress Plugin Apptha Slider Gallery 1.0 - SQL Injection
EIP-2026-113209 EXPLOITDB text WORKING POC
Web Based TimeSheet Script - Authentication Bypass
EIP-2026-113219 EXPLOITDB text WORKING POC
Web Inspiration Gallery Script 1.0.0 - 'id' SQL Injection
EIP-2026-113396 EXPLOITDB text WRITEUP
Wetransfer Clone Script - Authentication Bypass
EIP-2026-113316 EXPLOITDB text WORKING POC
Webiness Inventory 2.3 - Arbitrary File Upload / Cross-Site Request Forgery (Add Admin)
CVE-2017-15992 EXPLOITDB CRITICAL text WORKING POC
Website Broker Script - SQL Injection
Website Broker Script allows SQL Injection via the 'status_id' Parameter to status_list.php.
CVSS 9.8
CVE-2017-17592 EXPLOITDB CRITICAL text WORKING POC
Website Auction Marketplace - SQL Injection
Website Auction Marketplace 2.0.5 has SQL Injection via the search.php cat_id parameter.
CVSS 9.8
EIP-2026-113403 EXPLOITDB text WORKING POC
WhizBiz 1.9 - SQL Injection