Jan Fry

5 exploits Active since Nov 2007
CVE-2008-0438 EXPLOITDB text WORKING POC
Novemberborn Sifr - XSS
Cross-site scripting (XSS) vulnerability in the font rendering functionality in Novemberborn sIFR 2.0.2 allows remote attackers to inject arbitrary web script or HTML via the txt parameter to a Flash (SWF) file, as demonstrated by fonts/FuturaLt.swf.
CVE-2007-6054 EXPLOITDB text WORKING POC
Aruba 800 Mobility Controller <2.5.4.18 & <2.4.8.6-FIPS - XSS
Cross-site scripting (XSS) vulnerability in the login page in the management interface in the Aruba 800 Mobility Controller 2.5.4.18 and earlier, and 2.4.8.6-FIPS and earlier, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the /screens URI, related to the url variable.
EIP-2026-103166 EXPLOITDB text WORKING POC
Mitel Audio and Web Conferencing (AWC) - Arbitrary Shell Command Injection
CVE-2007-5979 EXPLOITDB text WORKING POC
F5 Firepass 4100 SSL VPN <6.0.1 - XSS
Cross-site scripting (XSS) vulnerability in download_plugin.php3 in F5 Firepass 4100 SSL VPN 5.4 through 5.5.2 and 6.0 through 6.0.1 allows remote attackers to inject arbitrary web script or HTML via the backurl parameter.
EIP-2026-100859 EXPLOITDB text WRITEUP
Mitel AWC - Command Execution