BugSec LTD - Security Researcher - Exploit Intelligence Platform

CVE-2008-1230 EXPLOITDB text WRITEUP

JSPWiki <2.5.139 - RCE

Unrestricted file upload vulnerability in JSPWiki 2.4.104 and 2.5.139 allows remote attackers to upload and execute arbitrary .jsp files via an unspecified manipulation that attaches a .jsp file to an "entry page."

View Code

CVE-2008-1229 EXPLOITDB text WRITEUP

JSPWiki <2.5.139 - XSS

Cross-site scripting (XSS) vulnerability in Edit.jsp in JSPWiki 2.4.104 and 2.5.139 allows remote attackers to inject arbitrary web script or HTML via the editor parameter, a different vector than CVE-2007-5120.b.

View Code

EIP-2026-110314 EXPLOITDB text WRITEUP

OpenNMS < 1.5.96 - Multiple Vulnerabilities

View Code

EIP-2026-104014 EXPLOITDB text WORKING POC

OpenNMS 1.5.x - HTTP Response Splitting

View Code

CVE-2008-1231 EXPLOITDB text WRITEUP

JSPWiki <2.5.139 - Path Traversal

Directory traversal vulnerability in Edit.jsp in JSPWiki 2.4.104 and 2.5.139 allows remote attackers to include and execute arbitrary local .jsp files, and obtain sensitive information, via a .. (dot dot) in the editor parameter.

View Code