ihsan sencan vulnerabilities and exploits

7.5
CVSSv2
CVE-2018-6396

SQL Injection exists in the Google Map Landkarten through 4.2.3 component for Joomla! via the cid or id parameter in a layout=form_markers action, or the map parameter in a layout=default action....

Google Map Landkarten ProjectGoogle Map Landkarten
7.5
CVSSv2
CVE-2017-15965

The NS Download Shop (aka com_ns_downloadshop) component 2.2.6 for Joomla! allows SQL Injection via the id parameter in an invoice.create action....

NswdNs Download Shop
7.5
CVSSv2
CVE-2017-15966

The Zh YandexMap (aka com_zhyandexmap) component 6.1.1.0 for Joomla! allows SQL Injection via the placemarklistid parameter to index.php....

Zh Yandexmap ProjectZh Yandexmap
5
CVSSv2
CVE-2018-18756

Local Server 1.0.9 has a Buffer Overflow via crafted data on Port 4008....

5
CVSSv2
CVE-2017-17876

Biometric Shift Employee Management System 3.0 allows remote attackers to bypass intended file-read restrictions via a user=download request with a pathname in the path parameter....

IwcnetworkShift
7.5
CVSSv2
CVE-2018-7316

Arbitrary File Upload exists in the Proclaim 9.1.1 component for Joomla! via a mediafileform action....

ChristianwebministriesProclaim
7.5
CVSSv2
CVE-2017-17609

Chartered Accountant Booking Script 1.0 has SQL Injection via the /service-list city parameter....

6.5
CVSSv2
CVE-2017-15957

my_profile.php in Ingenious School Management System 2.3.0 allows a student or teacher to upload an arbitrary file....

7.5
CVSSv2
CVE-2017-17611

Doctor Search Script 1.0 has SQL Injection via the /list city parameter....

4.3
CVSSv2
CVE-2017-17649

Readymade Video Sharing Script 3.2 has HTML Injection via the single-video-detail.php comment parameter....