Brad Antoniewicz

5 exploits Active since Oct 2008
CVE-2008-4421 EXPLOITDB text WORKING POC
Hammer-software Metagauge < 1.0.0.20 - Path Traversal
Directory traversal vulnerability in MetaGauge 1.0.0.17, and probably other versions before 1.0.3.38, allows remote attackers to read arbitrary files via a "..\" (dot dot backslash) in the URL.
EIP-2026-116962 EXPLOITDB c WORKING POC
Cisco WebEx One-Click Client Password Encryption - Information Disclosure
CVE-2008-6200 EXPLOITDB text WRITEUP
Swiki - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Swiki 1.5 allow remote attackers to inject arbitrary web script or HTML via (1) the query string and (2) a new wiki entry.
CVE-2008-4931 EXPLOITDB text WRITEUP
Firmchannel Digital Signage - XSS
Cross-site scripting (XSS) vulnerability in the account module in firmCHANNEL Digital Signage 3.24, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the action parameter to index.php.
CVE-2009-2732 EXPLOITDB ruby WORKING POC
ntop <3.3.10 - DoS
The checkHTTPpassword function in http.c in ntop 3.3.10 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an Authorization HTTP header that lacks a : (colon) character in the base64-decoded string.