Donato Ferrante

39 exploits Active since Jan 2004
EIP-2026-119248 EXPLOITDB text WRITEUP
Video Cam Server 1.0 - Administrative Interface Authentication Bypass
CVE-2004-1739 EXPLOITDB java WORKING POC
Bird Chat 1.61 - Denial of Service via Invalid User Handling
Bird Chat 1.61 allows remote attackers to cause a denial of service (crash) via invalid users.
EIP-2026-119328 EXPLOITDB text WORKING POC
yawcam 0.2.5 - Directory Traversal
EIP-2026-119250 EXPLOITDB text WORKING POC
Video Cam Server 1.0 - Full Path Disclosure
EIP-2026-119249 EXPLOITDB text WORKING POC
video cam server 1.0 - Directory Traversal
CVE-2004-0313 EXPLOITDB c WORKING POC
PSOProxy 0.91 - Buffer Overflow via Long HTTP Request
Buffer overflow in PSOProxy 0.91 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long HTTP request, as demonstrated using a long (1) GET argument or (2) method name.
CVE-2004-2116 EXPLOITDB text WRITEUP
Tiny Server 1.1 - Path Traversal
Directory traversal vulnerability in Tiny Server 1.1 allows remote attackers to read or download arbitrary files via a .. (dot dot) in the URL.
CVE-2004-2119 EXPLOITDB text WRITEUP
Tiny Server 1.1 - XSS
Cross-site scripting (XSS) vulnerability in Tiny Server 1.1 allows remote attackers to inject arbitrary web script or HTML via the URL.
CVE-2005-1493 EXPLOITDB text WRITEUP
SimpleCam 1.2 - Directory Traversal via URL Path
Directory traversal vulnerability in SimpleCam 1.2 allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the URL.
CVE-2004-2112 EXPLOITDB python WORKING POC
bremsserver 1.2.4 - Directory Traversal via URL
Directory traversal vulnerability in BremsServer 1.2.4 allows remote attackers to read arbitrary files via ".." (dot dot) sequences in the URL.
CVE-2004-0349 EXPLOITDB text WRITEUP
GWeb HTTP Server 0.6 - Path Traversal
Directory traversal vulnerability in GWeb HTTP Server 0.6 allows remote attackers to view arbitrary files via a .. (dot dot) in the URL.
CVE-2005-0950 EXPLOITDB text WRITEUP
FastStone 4in1 Browser 1.2 - Path Traversal
Directory traversal vulnerability in FastStone 4in1 Browser 1.2 allows remote attackers to read arbitrary files via a (1) ... (triple dot) or (2) ..\ (dot dot backslash) in the URL.
CVE-2006-0971 EXPLOITDB text WORKING POC
DirectContact 0.3b - Directory Traversal via URL
Directory traversal vulnerability in Lionel Reyero DirectContact 0.3b allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.
CVE-2004-1887 EXPLOITDB text WRITEUP
Ada Image Server 0.4 - Info Disclosure
Ada Image Server (ImgSvr) 0.4 allows remote attackers to view directories or download files via an HTTP request with a trailing %00 (null).
CVE-2004-1887 EXPLOITDB text WRITEUP
Ada Image Server 0.4 - Info Disclosure
Ada Image Server (ImgSvr) 0.4 allows remote attackers to view directories or download files via an HTTP request with a trailing %00 (null).
EIP-2026-116502 EXPLOITDB text WORKING POC
Vizer Web Server 1.9.1 - Remote Denial of Service
CVE-2004-2117 EXPLOITDB text WRITEUP
Tiny Server 1.1 - DoS
Tiny Server 1.1 allows remote attackers to cause a denial of service (crash) via malformed HTTP requests such as (1) a GET request without the HTTP version (HTTP/1.1), or (2) a request without GET or the HTTP version.
CVE-2004-2035 EXPLOITDB text WORKING POC
MiniShare 1.3.2 - Denial of Service via Malformed HTTP Request
MiniShare 1.3.2 allows remote attackers to cause a denial of service (crash) via a malformed HTTP GET or HEAD request without the proper number of trailing CRLF sequences.
EIP-2026-116144 EXPLOITDB text WORKING POC
RaidenHTTPD 1.1.27 - Remote File Disclosure
CVE-2004-2129 EXPLOITDB text WORKING POC
SurfNOW Professional - Denial of Service via Long HTTP GET Requests
SurfNOW 2.2 allows remote attackers to cause a denial of service (crash) via a series of long HTTP GET requests, possibly triggering a buffer overflow.
EIP-2026-115345 EXPLOITDB text WORKING POC
GoodTech Telnet Server 4.0 - Remote Denial of Service
EIP-2026-110474 EXPLOITDB text WRITEUP
Parachat 5.5 - Directory Traversal
CVE-2004-0673 EXPLOITDB text WRITEUP
SCI Photo Chat Server 3.4.9 - Cross-Site Scripting via Error Message
Cross-site scripting (XSS) vulnerability in SCI Photo Chat Server 3.4.9 allows remote attackers to execute arbitrary web script as other users via an invalid request that is echoed in the resulting error message.
CVE-2004-1127 EXPLOITDB java WORKING POC
Open Dc Hub 0.7.14 - Authenticated Buffer Overflow via RedirectAll Command
Buffer overflow in Open Dc Hub 0.7.14 allows remote attackers, with administrator privileges, to execute arbitrary code via a long RedirectAll command.
CVE-2004-2096 EXPLOITDB text WORKING POC
mephistoles_httpd 0.6.0 final - Cross-Site Scripting via URL Injection
Cross-site scripting (XSS) vulnerability in Mephistoles httpd 0.6.0 final allows remote attackers to execute arbitrary script as other users by injecting arbitrary HTML or script into the URL.