Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ihsan sencan vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2017-14704
Multiple unrestricted file upload vulnerabilities in the (1) imageSubmit and (2) proof_submit functions in Claydip Laravel Airbnb Clone 1.0 allow remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct ...
Claydip Airbnb Clone 1.0
1 EDB exploit
9.8
CVSSv3
CVE-2017-14703
SQL injection vulnerability in Cash Back Comparison Script 1.0 allows remote malicious users to execute arbitrary SQL commands via the PATH_INFO to search/.
Cashbackcomparisonscript Cash Back Comparison 1.0
1 EDB exploit
9.8
CVSSv3
CVE-2017-15978
AROX School ERP PHP Script 1.0 allows SQL Injection via the office_admin/ id parameter.
Arox School Erp Php Script 1.0
1 EDB exploit
9.8
CVSSv3
CVE-2018-5987
SQL Injection exists in the Pinterest Clone Social Pinboard 2.0 component for Joomla! via the pin_id or user_id parameter in a task=getlikeinfo action, the ends parameter in a view=gift action, the category parameter in a view=home action, the uid parameter in a view=pindisplay a...
Social Pinboard Project Social Pinboard 2.0
1 EDB exploit
9.8
CVSSv3
CVE-2018-6583
SQL Injection exists in the Timetable Responsive Schedule 1.5 component for Joomla! via a view=event&alias= request.
Quanticalabs Timetable Responsive Schedule 1.5
1 EDB exploit
9.8
CVSSv3
CVE-2017-15982
Dynamic News Magazine & Blog CMS 1.0 allows SQL Injection via the id parameter to admin/admin_process.php for form editing.
Geniusocean News 1.0
1 EDB exploit
9.8
CVSSv3
CVE-2017-17612
Hot Scripts Clone 3.1 has SQL Injection via the /categories subctid or mctid parameter.
Hot Scripts Clone Project Hot Scripts Clone 3.1
2 EDB exploits
9.8
CVSSv3
CVE-2017-17643
FS Lynda Clone 1.0 has SQL Injection via the keywords parameter to tutorial/.
Lynda Clone Project Lynda Clone 1.0
1 EDB exploit
9.8
CVSSv3
CVE-2017-17645
Bus Booking Script 1.0 has SQL Injection via the txtname parameter to admin/index.php.
Phpautoclassifiedscript Bus Booking Script 1.0
1 EDB exploit
9.8
CVSSv3
CVE-2017-17651
Paid To Read Script 2.0.5 has SQL Injection via the admin/userview.php uid parameter, the admin/viewemcamp.php fnum parameter, or the admin/viewvisitcamp.php fn parameter.
Paid To Read Script Project Paid To Read Script 2.0.5
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »