Kaan KAMIS

20 exploits Active since Nov 2008
CVE-2017-5971 EXPLOITDB CRITICAL text WRITEUP
Newsbee - SQL Injection
SQL injection vulnerability in NewsBee CMS allow remote attackers to execute arbitrary SQL commands.
CVSS 9.8
CVE-2017-20137 EXPLOITDB MEDIUM text WORKING POC
Itech B2B Script 4.28 - SQL Injection
A vulnerability was found in Itech B2B Script 4.28. It has been rated as critical. This issue affects some unknown processing of the file /catcompany.php. The manipulation of the argument token with the input 704667c6a1e7ce56d3d6fa748ab6d9af3fd7' AND 6539=6539 AND 'Fakj'='Fakj leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS 6.3
CVE-2017-20136 EXPLOITDB MEDIUM text WRITEUP
Itech Classifieds Script 7.27 - SQL Injection
A vulnerability classified as critical has been found in Itech Classifieds Script 7.27. Affected is an unknown function of the file /subpage.php. The manipulation of the argument scat with the input =51' AND 4941=4941 AND 'hoCP'='hoCP leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS 6.3
CVE-2017-20135 EXPLOITDB MEDIUM text WORKING POC
Itech Dating Script 3.26 - SQL Injection
A vulnerability classified as critical was found in Itech Dating Script 3.26. Affected by this vulnerability is an unknown functionality of the file /see_more_details.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS 6.3
CVE-2017-20134 EXPLOITDB MEDIUM text WORKING POC
Itech Freelancer Script 5.13 - SQL Injection
A vulnerability, which was classified as critical, has been found in Itech Freelancer Script 5.13. Affected by this issue is some unknown functionality of the file /category.php. The manipulation of the argument sk leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS 6.3
CVE-2017-20132 EXPLOITDB MEDIUM text WORKING POC
Itech Multi Vendor Script 6.49 - SQL Injection
A vulnerability was found in Itech Multi Vendor Script 6.49 and classified as critical. This issue affects some unknown processing of the file /multi-vendor-shopping-script/product-list.php. The manipulation of the argument pl leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS 6.3
CVE-2017-20131 EXPLOITDB MEDIUM text WRITEUP
Itech News Portal 6.28 - SQL Injection
A vulnerability was found in Itech News Portal 6.28. It has been classified as critical. Affected is an unknown function of the file /news-portal-script/information.php. The manipulation of the argument inf leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS 6.3
CVE-2017-20130 EXPLOITDB MEDIUM text WRITEUP
Itech Real Estate Script 3.12 - SQL Injection
A vulnerability was found in Itech Real Estate Script 3.12. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /real-estate-script/search_property.php. The manipulation of the argument property_for leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS 6.3
EIP-2026-112214 EXPLOITDB text WRITEUP
SlimarUSER Management 1.0 - 'id' SQL Injection
EIP-2026-111550 EXPLOITDB text WORKING POC
Property Listing Script - 'propid' Blind SQL Injection
EIP-2026-111489 EXPLOITDB text WRITEUP
Premium Servers List Tracker 1.0 - SQL Injection
EIP-2026-109655 EXPLOITDB text WORKING POC
Muviko 1.0 - 'q' SQL Injection
EIP-2026-109671 EXPLOITDB text WRITEUP
My Photo Gallery 1.0 - SQL Injection
EIP-2026-109265 EXPLOITDB text WRITEUP
Maian Weblog 4.0 - SQL Injection
EIP-2026-109205 EXPLOITDB text WORKING POC
LogoStore - 'query' SQL Injection
EIP-2026-107980 EXPLOITDB text WRITEUP
Itech Auction Script 6.49 - 'mcid' SQL Injection
EIP-2026-108017 EXPLOITDB text WORKING POC
Itech Video Sharing Script 4.94 - 'v' SQL Injection
EIP-2026-106776 EXPLOITDB text WRITEUP
EDUMOD Pro 1.3 - SQL Injection
EIP-2026-105730 EXPLOITDB text WRITEUP
Caregiver Script 2.57 - SQL Injection
CVE-2008-5057 EXPLOITDB text WORKING POC
Aspindir Dizi Portali - SQL Injection
SQL injection vulnerability in film.asp in Yigit Aybuga Dizi Portali allows remote attackers to execute arbitrary SQL commands via the film parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.