Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ihsan sencan vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-18755
K-iwi Framework 1775 has SQL Injection via the admin/user/group/update user_group_id parameter or the admin/user/user/update user_id parameter.
K-iwi K-iwi 1775
1 EDB exploit
9.8
CVSSv3
CVE-2018-18793
School Event Management System 1.0 allows Arbitrary File Upload via event/controller.php?action=photos.
School Event Management System Project School Event Management System 1.0
1 EDB exploit
9.8
CVSSv3
CVE-2018-18795
School Event Management System 1.0 has SQL Injection via the student/index.php or event/index.php id parameter.
School Event Management System Project School Event Management System 1.0
1 EDB exploit
8.8
CVSSv3
CVE-2018-18797
School Attendance Monitoring System 1.0 has CSRF via /user/user/edit.php.
School Attendance Monitoring System Project School Attendance Monitoring System 1.0
1 EDB exploit
9.8
CVSSv3
CVE-2018-18800
The Tubigan "Welcome to our Resort" 1.0 software allows SQL Injection via index.php?p=accomodation&q=[SQL], index.php?p=rooms&q=[SQL], or admin/login.php.
Tubigan Welcome To Our Resort 1.0
1 EDB exploit
9.8
CVSSv3
CVE-2018-18804
Bakeshop Inventory System 1.0 has SQL injection via the login screen, related to include/publicfunction.vb.
Bakeshop Inventory System Project Bakeshop Inventory System 1.0
1 EDB exploit
9.8
CVSSv3
CVE-2018-18805
Point Of Sales 1.0 allows SQL injection via the login screen, related to LoginForm1.vb.
Pointofsales Project Pointofsales 1.0
1 EDB exploit
9.8
CVSSv3
CVE-2018-6582
SQL Injection exists in the Zh GoogleMap 8.4.0.0 component for Joomla! via the id parameter in a getPlacemarkDetails, getPlacemarkHoverText, getPathHoverText, or getPathDetails request.
Zh Googlemap Project Zh Googlemap 8.4.0.0
1 EDB exploit
7.5
CVSSv3
CVE-2018-6610
Information Leakage exists in the jLike 1.0 component for Joomla! via a task=getUserByCommentId request.
Jlike Project Jlike 1.0
1 EDB exploit
9.8
CVSSv3
CVE-2018-7180
SQL Injection exists in the Saxum Astro 4.0.14 component for Joomla! via the publicid parameter.
Saxum2003 Astro 4.0.14
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »