Eric Beaulieu

2 exploits Active since Aug 2008
CVE-2008-3850 EXPLOITDB text WORKING POC
Accellion File Transfer FTA_7_0_135 - XSS
Cross-site scripting (XSS) vulnerability in Accellion File Transfer FTA_7_0_135 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to courier/forgot_password.html.
CVE-2008-7012 EXPLOITDB text WORKING POC
Accellion Secure File Transfer Appliance < 7_0_178 - Spam Email Injection via Error Reporting Page
courier/1000@/api_error_email.html (aka "error reporting page") in Accellion File Transfer Appliance FTA_7_0_178, and possibly other versions before FTA_7_0_189, allows remote attackers to send spam e-mail via modified description and client_email parameters.