Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ihsan sencan vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-17651
Paid To Read Script 2.0.5 has SQL Injection via the admin/userview.php uid parameter, the admin/viewemcamp.php fnum parameter, or the admin/viewvisitcamp.php fn parameter.
Paid To Read Script Project Paid To Read Script 2.0.5
1 EDB exploit
9.8
CVSSv3
CVE-2018-6395
SQL Injection exists in the Visual Calendar 3.1.3 component for Joomla! via the id parameter in a view=load action.
Joomlacalendars Visual Calendar 3.1.3
1 EDB exploit
9.8
CVSSv3
CVE-2018-6396
SQL Injection exists in the Google Map Landkarten up to and including 4.2.3 component for Joomla! via the cid or id parameter in a layout=form_markers action, or the map parameter in a layout=default action.
Google Map Landkarten Project Google Map Landkarten
1 EDB exploit
1 Github repository
9.8
CVSSv3
CVE-2018-6584
SQL Injection exists in the DT Register 3.2.7 component for Joomla! via a task=edit&id= request.
Dthdevelopment Dt Register 3.2.7
1 EDB exploit
9.8
CVSSv3
CVE-2018-6604
SQL Injection exists in the Zh YandexMap 6.2.1.0 component for Joomla! via the id parameter in a task=getPlacemarkDetails request.
Zh Yandexmap Project Zh Yandexmap 6.2.1.0
1 EDB exploit
9.8
CVSSv3
CVE-2018-6605
SQL Injection exists in the Zh BaiduMap 3.0.0.1 component for Joomla! via the id parameter in a getPlacemarkDetails, getPlacemarkHoverText, getPathHoverText, or getPathDetails request.
Zh Baidumap Project Zh Baidumap 3.0.0.1
1 EDB exploit
9.8
CVSSv3
CVE-2018-6609
SQL Injection exists in the JSP Tickets 1.1 component for Joomla! via the ticketcode parameter in a ticketlist edit action, or the id parameter in a statuslist (or prioritylist) edit action.
Jsp Tickets Project Jsp Tickets 1.1
1 EDB exploit
9.8
CVSSv3
CVE-2017-15983
MyMagazine Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing.
Geniusocean Mymagazine Magazine \\& Blog Cms 1.0
1 EDB exploit
9.8
CVSSv3
CVE-2018-5979
SQL Injection exists in Wchat Fully Responsive PHP AJAX Chat Script 1.5 via the login.php User field.
Wchat Project Wchat 1.5
1 EDB exploit
9.8
CVSSv3
CVE-2018-5981
SQL Injection exists in the Gallery WD 1.3.6 component for Joomla! via the tag_id parameter or gallery_id parameter.
Web-dorado Gallery Wd 1.3.6
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »