Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ihsan sencan vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-6396
SQL Injection exists in the Google Map Landkarten up to and including 4.2.3 component for Joomla! via the cid or id parameter in a layout=form_markers action, or the map parameter in a layout=default action.
Google Map Landkarten Project Google Map Landkarten
1 EDB exploit
1 Github repository
7.5
CVSSv3
CVE-2018-6397
Directory Traversal exists in the Picture Calendar 3.1.4 component for Joomla! via the list.php folder parameter.
Joomlacalendars Picture Calendar 3.1.4
1 EDB exploit
9.8
CVSSv3
CVE-2018-6582
SQL Injection exists in the Zh GoogleMap 8.4.0.0 component for Joomla! via the id parameter in a getPlacemarkDetails, getPlacemarkHoverText, getPathHoverText, or getPathDetails request.
Zh Googlemap Project Zh Googlemap 8.4.0.0
1 EDB exploit
9.8
CVSSv3
CVE-2018-6584
SQL Injection exists in the DT Register 3.2.7 component for Joomla! via a task=edit&id= request.
Dthdevelopment Dt Register 3.2.7
1 EDB exploit
9.8
CVSSv3
CVE-2018-6604
SQL Injection exists in the Zh YandexMap 6.2.1.0 component for Joomla! via the id parameter in a task=getPlacemarkDetails request.
Zh Yandexmap Project Zh Yandexmap 6.2.1.0
1 EDB exploit
9.8
CVSSv3
CVE-2018-6605
SQL Injection exists in the Zh BaiduMap 3.0.0.1 component for Joomla! via the id parameter in a getPlacemarkDetails, getPlacemarkHoverText, getPathHoverText, or getPathDetails request.
Zh Baidumap Project Zh Baidumap 3.0.0.1
1 EDB exploit
9.8
CVSSv3
CVE-2018-6609
SQL Injection exists in the JSP Tickets 1.1 component for Joomla! via the ticketcode parameter in a ticketlist edit action, or the id parameter in a statuslist (or prioritylist) edit action.
Jsp Tickets Project Jsp Tickets 1.1
1 EDB exploit
7.5
CVSSv3
CVE-2018-6610
Information Leakage exists in the jLike 1.0 component for Joomla! via a task=getUserByCommentId request.
Jlike Project Jlike 1.0
1 EDB exploit
8.8
CVSSv3
CVE-2018-18794
School Event Management System 1.0 allows CSRF via user/controller.php?action=edit.
School Event Management System Project School Event Management System 1.0
1 EDB exploit
8.8
CVSSv3
CVE-2018-18797
School Attendance Monitoring System 1.0 has CSRF via /user/user/edit.php.
School Attendance Monitoring System Project School Attendance Monitoring System 1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »