Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ihsan sencan vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-5991
SQL Injection exists in the Form Maker 3.6.12 component for Joomla! via the id, from, or to parameter in a view=stats request, a different vulnerability than CVE-2015-2798.
Web-dorado Form Maker 3.6.12
1 EDB exploit
9.8
CVSSv3
CVE-2018-6004
SQL Injection exists in the File Download Tracker 3.0 component for Joomla! via the dynfield[phone] or sess parameter.
Techsolsystem File Download Tracker 3.0
1 EDB exploit
9.8
CVSSv3
CVE-2018-6005
SQL Injection exists in the Realpin up to and including 1.5.04 component for Joomla! via the pinboard parameter.
Realpin Project Realpin
1 EDB exploit
9.8
CVSSv3
CVE-2018-6006
SQL Injection exists in the JS Autoz 1.0.9 component for Joomla! via the vtype, pre, or prs parameter.
Joomsky Js Autoz 1.0.9
1 EDB exploit
8.8
CVSSv3
CVE-2018-6007
CSRF exists in the JS Support Ticket 1.1.0 component for Joomla! and allows malicious users to inject HTML or edit a ticket.
Joomsky Js Support Ticket 1.1.0
1 EDB exploit
7.5
CVSSv3
CVE-2018-6008
Arbitrary File Download exists in the Jtag Members Directory 5.3.7 component for Joomla! via the download_file parameter.
Joomlatag Jtag Members Directory 5.3.7
1 EDB exploit
9.8
CVSSv3
CVE-2017-14703
SQL injection vulnerability in Cash Back Comparison Script 1.0 allows remote malicious users to execute arbitrary SQL commands via the PATH_INFO to search/.
Cashbackcomparisonscript Cash Back Comparison 1.0
1 EDB exploit
9.8
CVSSv3
CVE-2017-15990
Php Inventory & Invoice Management System allows Arbitrary File Upload via dashboard/edit_myaccountdetail/.
Savsofteproducts Phpinventory -
1 EDB exploit
8.8
CVSSv3
CVE-2017-14704
Multiple unrestricted file upload vulnerabilities in the (1) imageSubmit and (2) proof_submit functions in Claydip Laravel Airbnb Clone 1.0 allow remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct ...
Claydip Airbnb Clone 1.0
1 EDB exploit
9.8
CVSSv3
CVE-2017-15977
Protected Links - Expiring Download Links 1.0 allows SQL Injection via the username parameter.
Protectedlinks Expiring Download Links 1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »