Jesus Olmos Gonzalez

7 exploits Active since Jan 2006
CVE-2007-6307 EXPLOITDB bash WORKING POC
wwwstats 3.21 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in clickstats.php in wwwstats 3.21 allow remote attackers to inject arbitrary web script or HTML via (1) the link parameter or (2) the User-Agent HTTP header.
CVE-2006-0418 EXPLOITDB text WORKING POC
123 Flash Chat Server <5.1 - Code Injection
Eval injection vulnerability in 123 Flash Chat Server 5.0 and 5.1 allows attackers to execute arbitrary code via a crafted username.
CVE-2008-3285 EXPLOITDB text WORKING POC
Filesys::SmbClientParser <2.7 - RCE
The Filesys::SmbClientParser module 2.7 and earlier for Perl allows remote SMB servers to execute arbitrary code via a folder name containing shell metacharacters.
CVE-2012-1586 EXPLOITDB text WORKING POC
cifs-utils - Exposure of Sensitive Information via Error Message
mount.cifs in cifs-utils 2.6 allows local users to determine the existence of arbitrary files or directories via the file path in the second argument, which reveals their existence in an error message.
CVE-2006-2362 EXPLOITDB HIGH text WRITEUP
GNU Binutils < 2.17 - Buffer Overflow in TekHex Record Handling
Buffer overflow in getsym in tekhex.c in libbfd in Free Software Foundation GNU Binutils before 20060423, as used by GNU strings, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a file with a crafted Tektronix Hex Format (TekHex) record in which the length character is not a valid hexadecimal character.
CVSS 7.3
CVE-2006-6363 EXPLOITDB text WRITEUP
BlueSocket Secure Controller <5.2 - XSS
Cross-site scripting (XSS) vulnerability in admin.pl in BlueSocket Secure Controller (BSC) before 5.2, or without 5.1.1-BluePatch, allows remote attackers to inject arbitrary web script or HTML via the ad_name parameter.
CVE-2007-5993 EXPLOITDB text WORKING POC
VTLS vtls.web.gateway <48.1.1 - XSS
Cross-site scripting (XSS) vulnerability in Visionary Technology in Library Solutions (VTLS) vtls.web.gateway before 48.1.1 allows remote attackers to inject arbitrary web script or HTML via the searchtype parameter.