Jeremy Bae

9 exploits Active since Apr 2004
CVE-2004-0173 EXPLOITDB text WRITEUP
Apache HTTP Server <= 1.3.29 and <= 2.0.48 on Cygwin - Directory Traversal via Dot Dot Encoded Backslash
Directory traversal vulnerability in Apache 1.3.29 and earlier, and Apache 2.0.48 and earlier, when running on Cygwin, allows remote attackers to read arbitrary files via a URL containing "..%5C" (dot dot encoded backslash) sequences.
CVE-2004-1075 EXPLOITDB text WRITEUP
Zwiki 0.10.0rc1-0.36.2 - Cross-Site Scripting via Malformed URL
Cross-site scripting (XSS) vulnerability in standard_error_message.dtml for Zwiki after 0.10.0rc1 to 0.36.2 allows remote attackers to inject arbitrary HTML and web script via a malformed URL, which is not properly cleansed when generating an error message.
EIP-2026-109560 EXPLOITDB text WORKING POC
MoniWiki 1.0/1.1 - 'Wiki.php' Cross-Site Scripting
CVE-2004-1405 EXPLOITDB text WRITEUP
MediaWiki <= 1.3.8 - Remote Code Execution via Double Extension File Upload
MediaWiki 1.3.8 and earlier, when used with Apache mod_mime, does not properly handle files with two file extensions, such as .php.rar, which allows remote attackers to upload and execute arbitrary code.
CVE-2004-1543 EXPLOITDB text WRITEUP
KorWeblog 1.6.2-cvs - Directory Traversal via Path Parameter
Directory traversal vulnerability in viewimg.php in KorWeblog 1.6.2-cvs and earlier allows remote attackers to list arbitrary directories via a .. (dot dot) in the path parameter.
EIP-2026-108931 EXPLOITDB text WRITEUP
JSBoard 2.0.x - Arbitrary Script Upload
EIP-2026-102538 EXPLOITDB text WRITEUP
Tmax Soft JEUS 3.1.4 p1 - URL.jsp Cross-Site Scripting
EIP-2026-102491 EXPLOITDB text WRITEUP
JSPWiki 2.1 - Cross-Site Scripting
EIP-2026-100921 EXPLOITDB text WRITEUP
UseModWiki 1.0 - Wiki.pl Cross-Site Scripting