Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ihsan sencan vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-6585
SQL Injection exists in the JTicketing 2.0.16 component for Joomla! via a view=events action with a filter_creator or filter_events_cat parameter.
Techjoomla Jticketing 2.0.16
1 EDB exploit
9.8
CVSSv3
CVE-2018-6604
SQL Injection exists in the Zh YandexMap 6.2.1.0 component for Joomla! via the id parameter in a task=getPlacemarkDetails request.
Zh Yandexmap Project Zh Yandexmap 6.2.1.0
1 EDB exploit
9.8
CVSSv3
CVE-2018-6605
SQL Injection exists in the Zh BaiduMap 3.0.0.1 component for Joomla! via the id parameter in a getPlacemarkDetails, getPlacemarkHoverText, getPathHoverText, or getPathDetails request.
Zh Baidumap Project Zh Baidumap 3.0.0.1
1 EDB exploit
9.8
CVSSv3
CVE-2018-6609
SQL Injection exists in the JSP Tickets 1.1 component for Joomla! via the ticketcode parameter in a ticketlist edit action, or the id parameter in a statuslist (or prioritylist) edit action.
Jsp Tickets Project Jsp Tickets 1.1
1 EDB exploit
7.5
CVSSv3
CVE-2018-6610
Information Leakage exists in the jLike 1.0 component for Joomla! via a task=getUserByCommentId request.
Jlike Project Jlike 1.0
1 EDB exploit
8.8
CVSSv3
CVE-2018-5969
Cross Site Request Forgery (CSRF) exists in Photography CMS 1.0 via clients/resources/ajax/ajax_new_admin.php, as demonstrated by adding an admin account.
Photography Cms Project Photography Cms 1.0
1 EDB exploit
9.8
CVSSv3
CVE-2018-5970
SQL Injection exists in the JGive 2.0.9 component for Joomla! via the filter_org_ind_type or campaign_countries parameter.
Techjoomla Jgive 2.0.9
1 EDB exploit
9.8
CVSSv3
CVE-2018-5971
SQL Injection exists in the MediaLibrary Free 4.0.12 component for Joomla! via the id parameter or the mid array parameter.
Ordasoft Medialibrary 4.0.12
1 EDB exploit
9.8
CVSSv3
CVE-2018-5972
SQL Injection exists in Classified Ads CMS Quickad 4.0 via the keywords, placeid, cat, or subcat parameter to the listing URI.
Quickad Project Quickad 4.0
1 EDB exploit
9.8
CVSSv3
CVE-2018-5973
SQL Injection exists in Professional Local Directory Script 1.0 via the sellers_subcategories.php IndustryID parameter, or the suppliers.php IndustryID or CategoryID parameter.
Eihitech Professional Local Directory Script 1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-25525
CVE-2024-4652
CVE-2024-1438
CVE-2024-4671
CVE-2024-34351
arbitrary
CVE-2024-4650
SQL injection
overflow
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »