Andy Davis

8 exploits Active since Dec 2003
EIP-2026-118868 EXPLOITDB text WRITEUP
Microsoft URLScan 2.5/RSA Security SecurID 5.0 - Configuration Enumeration
CVE-2003-1157 EXPLOITDB text WORKING POC
Citrix MetaFrame XP Server 1.0 - Cross-Site Scripting via NFuse_Message Parameter
Cross-site scripting (XSS) vulnerability in login.asp in Citrix MetaFrame XP Server 1.0 allows remote attackers to inject arbitrary web script or HTML via the NFuse_Message parameter.
EIP-2026-115628 EXPLOITDB c WORKING POC
Microsoft ActiveSync 3.5 - Null Pointer Dereference Denial of Service
EIP-2026-103973 EXPLOITDB python WORKING POC
Lumension Security Lumension Device Control 4.x - Memory Corruption
CVE-2014-1287 EXPLOITDB text WRITEUP
Apple iOS < 7.1 and tvOS < 6.1 - Memory Corruption via USB Host
USB Host in Apple iOS before 7.1 and Apple TV before 6.1 allows physically proximate attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted USB messages.
CVE-2007-2586 EXPLOITDB c WORKING POC
Cisco IOS 11.3-12.4 - Unauthenticated Remote Code Execution via FTP MKD Command
The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which allows remote attackers to execute arbitrary code, and have other impact including reading startup-config, as demonstrated by a crafted MKD command that involves access to a VTY device and overflows a buffer, aka bug ID CSCek55259.
CVE-2007-5381 EXPLOITDB text WRITEUP
Cisco IOS - Stack-based Buffer Overflow via Long Hostname in LPD Error Message
Stack-based buffer overflow in the Line Printer Daemon (LPD) in Cisco IOS before 12.2(18)SXF11, 12.4(16a), and 12.4(2)T6 allow remote attackers to execute arbitrary code by setting a long hostname on the target system, then causing an error message to be printed, as demonstrated by a telnet session to the LPD from a source port other than 515.
CVE-2005-4510 EXPLOITDB text WORKING POC
NetPublish Server 7 - Path Traversal
Directory traversal vulnerability in server.np in NetPublish Server 7 allows remote attackers to read arbitrary files via "../" sequences in the template parameter.