ihsan sencan vulnerabilities and exploits

7.5
CVSSv2
CVE-2018-7180

SQL Injection exists in the Saxum Astro 4.0.14 component for Joomla! via the publicid parameter....

Saxum2003Astro
7.5
CVSSv2
CVE-2017-17581

FS Quibids Clone 1.0 has SQL Injection via the itechd.php productid parameter....

FortunescriptsQuibids Clone
7.5
CVSSv2
CVE-2017-15961

iProject Management System 1.0 allows SQL Injection via the ID parameter to index.php....

7.5
CVSSv2
CVE-2018-5979

SQL Injection exists in Wchat Fully Responsive PHP AJAX Chat Script 1.5 via the login.php User field....

Wchat ProjectWchat
5
CVSSv2
CVE-2018-7482

** DISPUTED ** The K2 component 2.8.0 for Joomla! has Incorrect Access Control with directory traversal, allowing an attacker to download arbitrary files, as demonstrated by a view=media&task=connector&cmd=file&target=l1_../configuration.php&download=1 request....

7.5
CVSSv2
CVE-2018-5990

SQL Injection exists in the AllVideos Reloaded 1.2.x component for Joomla! via the divid parameter....

7.5
CVSSv2
CVE-2018-6368

SQL Injection exists in the JomEstate PRO through 3.7 component for Joomla! via the id parameter in a task=detailed action....

ComdevJomestate Pro
7.5
CVSSv2
CVE-2017-17637

Car Rental Script 2.0.4 has SQL Injection via the countrycode1.php val parameter....

7.5
CVSSv2
CVE-2017-15982

Dynamic News Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing....

7.5
CVSSv2
CVE-2018-6372

SQL Injection exists in the JB Bus 2.3 component for Joomla! via the order_number parameter....

JoombookingJb Bus