Brad Antoniewicz

5 exploits Active since Oct 2008
CVE-2008-4421 EXPLOITDB text WORKING POC
MetaGauge < 1.0.3.38 - Path Traversal via Dot Dot Backslash in URL
Directory traversal vulnerability in MetaGauge 1.0.0.17, and probably other versions before 1.0.3.38, allows remote attackers to read arbitrary files via a "..\" (dot dot backslash) in the URL.
EIP-2026-116962 EXPLOITDB c WORKING POC
Cisco WebEx One-Click Client Password Encryption - Information Disclosure
CVE-2008-6200 EXPLOITDB text WRITEUP
Swiki 1.5 - Cross-Site Scripting via Query String and New Wiki Entry
Multiple cross-site scripting (XSS) vulnerabilities in Swiki 1.5 allow remote attackers to inject arbitrary web script or HTML via (1) the query string and (2) a new wiki entry.
CVE-2008-4931 EXPLOITDB text WRITEUP
firmCHANNEL Digital Signage 3.24 - Cross-Site Scripting via Account Module Action Parameter
Cross-site scripting (XSS) vulnerability in the account module in firmCHANNEL Digital Signage 3.24, and possibly earlier versions, allows remote attackers to inject arbitrary web script or HTML via the action parameter to index.php.
CVE-2009-2732 EXPLOITDB ruby WORKING POC
ntop < 3.3.10 - Denial of Service via Malformed Authorization Header
The checkHTTPpassword function in http.c in ntop 3.3.10 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an Authorization HTTP header that lacks a : (colon) character in the base64-decoded string.