Donnie Werner

8 exploits Active since Sep 2003
CVE-2005-4698 EXPLOITDB text WORKING POC
TellMe <= 1.2 - Cross-Site Scripting via q_IP or q_Host Parameter
Cross-site scripting (XSS) vulnerability in TellMe 1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the 91) q_IP (IP) or (2) q_Host (HOST) parameters.
CVE-2004-2547 EXPLOITDB text WRITEUP
NetWin SurgeMail <2.0c - Info Disclosure
NetWin (1) SurgeMail before 2.0c and (2) WebMail allow remote attackers to obtain sensitive information via HTTP requests that (a) specify the / URI, (b) specify the /scripts/ URI, or (c) specify a non-existent file, which reveal the path in an error message.
CVE-2004-2548 EXPLOITDB text WRITEUP
SurgeMail < 2.0c and WebMail - Cross-Site Scripting via URI or Login Username Field
Multiple cross-site scripting (XSS) vulnerabilities in NetWin (1) SurgeMail before 2.0c and (2) WebMail allow remote attackers to inject arbitrary web script or HTML via (a) a URI containing the script, or (b) the username field in the login form. NOTE: it is possible that the first attack vector is resultant from the error message issue (CVE-2004-2547).
CVE-2005-2523 EXPLOITDB text WRITEUP
Weblog Server 10.4-10.4.2 - Cross-Site Scripting
Multiple cross-site scripting (XSS) vulnerabilities in Weblog Server in Mac OS X 10.4 to 10.4.2 allow remote attackers to inject arbitrary web script or HTML via unknown vectors.
CVE-2003-1513 EXPLOITDB text WRITEUP
Resin 2.0-2.1.2 - Cross-Site Scripting via Example Script Parameters
Multiple cross-site scripting (XSS) vulnerabilities in example scripts in Caucho Technology Resin 2.0 through 2.1.2 allow remote attackers to inject arbitrary web script or HTML via (1) env.jsp, (2) form.jsp, (3) session.jsp, (4) the move parameter to tictactoe.jsp, or the (5) name or (6) comment fields to guestbook.jsp.
EIP-2026-100874 EXPLOITDB text WORKING POC
PerlDiver 2.31 - 'Perldiver.cgi' Cross-Site Scripting
EIP-2026-100797 EXPLOITDB text WRITEUP
Eudora WorldMail 2.0 - Search Cross-Site Scripting
CVE-2003-0769 EXPLOITDB text WORKING POC
ICQ - Cross-Site Scripting via Guestbook Message Field
Cross-site scripting (XSS) vulnerability in the ICQ Web Front guestbook (guestbook.html) allows remote attackers to insert arbitrary web script and HTML via the message field.