David Wharton

2 exploits Active since Feb 2008

CVE-2008-0572 EXPLOITDB text WORKING POC

Mindmeld - Code Injection

Multiple PHP remote file inclusion vulnerabilities in Mindmeld 1.2.0.10 allow remote attackers to execute arbitrary PHP code via a URL in the MM_GLOBALS[home] parameter to (1) acweb/admin_index.php; and (2) ask.inc.php, (3) learn.inc.php, (4) manage.inc.php, (5) mind.inc.php, and (6) sensory.inc.php in include/.

View Code

CVE-2008-0830 EXPLOITDB perl WORKING POC

Apple Iphoto - Improper Input Validation

The Digital Photo Access Protocol (DPAP) server for iPhoto 4.0.3 allows remote attackers to cause a denial of service (crash) via a malformed dpap: URI, a different vulnerability than CVE-2008-0043.

View Code