Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ihsan sencan vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-5969
Cross Site Request Forgery (CSRF) exists in Photography CMS 1.0 via clients/resources/ajax/ajax_new_admin.php, as demonstrated by adding an admin account.
Photography Cms Project Photography Cms 1.0
1 EDB exploit
9.8
CVSSv3
CVE-2018-5972
SQL Injection exists in Classified Ads CMS Quickad 4.0 via the keywords, placeid, cat, or subcat parameter to the listing URI.
Quickad Project Quickad 4.0
1 EDB exploit
8.8
CVSSv3
CVE-2018-5976
Cross Site Request Forgery (CSRF) exists in RSVP Invitation Online 1.0 via function/account.php, as demonstrated by modifying the admin password.
Rsvp Invitation Online Project Rsvp Invitation Online 1.0
1 EDB exploit
9.8
CVSSv3
CVE-2018-5978
SQL Injection exists in Facebook Style Php Ajax Chat Zechat 1.5 via the login.php User field.
Zechat Project Zechat 1.5
1 EDB exploit
9.8
CVSSv3
CVE-2018-5990
SQL Injection exists in the AllVideos Reloaded 1.2.x component for Joomla! via the divid parameter.
Allvideos Reloaded Project Allvideos Reloaded
1 EDB exploit
9.8
CVSSv3
CVE-2018-5994
SQL Injection exists in the JS Jobs 1.1.9 component for Joomla! via the zipcode parameter in a newest-jobs request, or the ta parameter in a view_resume request.
Joomsky Js Jobs 1.1.9
1 EDB exploit
9.8
CVSSv3
CVE-2018-6372
SQL Injection exists in the JB Bus 2.3 component for Joomla! via the order_number parameter.
Joombooking Jb Bus 2.3
1 EDB exploit
9.8
CVSSv3
CVE-2018-6394
SQL Injection exists in the InviteX 3.0.5 component for Joomla! via the invite_type parameter in a view=invites action.
Techjoomla Invitex 3.0.5
1 EDB exploit
7.5
CVSSv3
CVE-2018-6397
Directory Traversal exists in the Picture Calendar 3.1.4 component for Joomla! via the list.php folder parameter.
Joomlacalendars Picture Calendar 3.1.4
1 EDB exploit
9.8
CVSSv3
CVE-2018-6583
SQL Injection exists in the Timetable Responsive Schedule 1.5 component for Joomla! via a view=event&alias= request.
Quanticalabs Timetable Responsive Schedule 1.5
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »