Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ihsan sencan vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-15992
Website Broker Script allows SQL Injection via the 'status_id' Parameter to status_list.php.
Website Broker Script Project Website Broker Script -
1 EDB exploit
9.8
CVSSv3
CVE-2018-17378
SQL Injection exists in the Penny Auction Factory 2.0.4 component for Joomla! via the filter_order_Dir or filter_order parameter.
Thephpfactory Penny Auction Factory 2.0.4
1 EDB exploit
9.8
CVSSv3
CVE-2018-17397
SQL Injection exists in the AlphaIndex Dictionaries 1.0 component for Joomla! via the letter parameter.
Multiplanet Alphaindex Dictionaries 1.0
1 EDB exploit
9.8
CVSSv3
CVE-2018-7319
SQL Injection exists in the OS Property Real Estate 3.12.7 component for Joomla! via the cooling_system1, heating_system1, or laundry parameter.
Os Property Real Estate Project Os Property Real Estate 3.12.7
1 EDB exploit
9.8
CVSSv3
CVE-2018-18755
K-iwi Framework 1775 has SQL Injection via the admin/user/group/update user_group_id parameter or the admin/user/user/update user_id parameter.
K-iwi K-iwi 1775
1 EDB exploit
9.8
CVSSv3
CVE-2018-18763
SaltOS 3.1 r8126 allows action=ajax&query=numbers&page=usuarios&action2=[SQL] SQL Injection.
Saltos Saltos 3.1
1 EDB exploit
8.8
CVSSv3
CVE-2018-18797
School Attendance Monitoring System 1.0 has CSRF via /user/user/edit.php.
School Attendance Monitoring System Project School Attendance Monitoring System 1.0
1 EDB exploit
8.8
CVSSv3
CVE-2018-18794
School Event Management System 1.0 allows CSRF via user/controller.php?action=edit.
School Event Management System Project School Event Management System 1.0
1 EDB exploit
9.8
CVSSv3
CVE-2018-18795
School Event Management System 1.0 has SQL Injection via the student/index.php or event/index.php id parameter.
School Event Management System Project School Event Management System 1.0
1 EDB exploit
9.8
CVSSv3
CVE-2018-18798
Attendance Monitoring System 1.0 has SQL Injection via the 'id' parameter to student/index.php?view=view, event/index.php?view=view, and user/index.php?view=view.
School Attendance Monitoring System Project School Attendance Monitoring System 1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
CVE-2023-52162
CVE-2024-23670
CVE-2024-5404
man-in-the-middle
CVE-2024-5214
CVE-2024-4358
CVE-2024-20696
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »