Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ihsan sencan vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-5988
SQL Injection exists in Flexible Poll 1.2 via the id parameter to mobile_preview.php or index.php.
Flexible Poll Project Flexible Poll 1.2
1 EDB exploit
9.8
CVSSv3
CVE-2018-6370
SQL Injection exists in the NeoRecruit 4.1 component for Joomla! via the (1) PATH_INFO or (2) name of a .html file under the all-offers/ URI.
Neojoomla Neorecruit 4.1
1 EDB exploit
9.8
CVSSv3
CVE-2018-6372
SQL Injection exists in the JB Bus 2.3 component for Joomla! via the order_number parameter.
Joombooking Jb Bus 2.3
1 EDB exploit
9.8
CVSSv3
CVE-2018-6373
SQL Injection exists in the Fastball 2.5 component for Joomla! via the season parameter in a view=player action.
Fastballproductions Fastball 2.5.0
1 EDB exploit
9.8
CVSSv3
CVE-2018-6396
SQL Injection exists in the Google Map Landkarten up to and including 4.2.3 component for Joomla! via the cid or id parameter in a layout=form_markers action, or the map parameter in a layout=default action.
Google Map Landkarten Project Google Map Landkarten
1 EDB exploit
1 Github repository
7.5
CVSSv3
CVE-2018-6397
Directory Traversal exists in the Picture Calendar 3.1.4 component for Joomla! via the list.php folder parameter.
Joomlacalendars Picture Calendar 3.1.4
1 EDB exploit
9.8
CVSSv3
CVE-2018-6398
SQL Injection exists in the CP Event Calendar 3.0.1 component for Joomla! via the id parameter in a task=load action.
Joomlacalendars Event Calendar 3.0.1
1 EDB exploit
9.8
CVSSv3
CVE-2018-6585
SQL Injection exists in the JTicketing 2.0.16 component for Joomla! via a view=events action with a filter_creator or filter_events_cat parameter.
Techjoomla Jticketing 2.0.16
1 EDB exploit
9.8
CVSSv3
CVE-2018-6609
SQL Injection exists in the JSP Tickets 1.1 component for Joomla! via the ticketcode parameter in a ticketlist edit action, or the id parameter in a statuslist (or prioritylist) edit action.
Jsp Tickets Project Jsp Tickets 1.1
1 EDB exploit
9.8
CVSSv3
CVE-2017-17612
Hot Scripts Clone 3.1 has SQL Injection via the /categories subctid or mctid parameter.
Hot Scripts Clone Project Hot Scripts Clone 3.1
2 EDB exploits
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040
privilege escalation
CVE-2024-4112
CVE-2024-32872
man-in-the-middle
CVE-2024-32788
bypass
CVE-2024-3400
CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
7
8
9
10
NEXT »