Jonathan Salwan

21 exploits Active since Apr 2008
CVE-2009-4790 EXPLOITDB c WORKING POC
Sysax Multi Server 4.5 - Path Traversal
Multiple directory traversal vulnerabilities in Sysax Multi Server 4.5 allow remote authenticated users to read or modify arbitrary files via crafted FTP commands. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
EIP-2026-119211 EXPLOITDB c WORKING POC
Telnet-Ftp Service Server 1.x - (Authenticated) Multiple Vulnerabilities
CVE-2009-4800 EXPLOITDB c WORKING POC
Sysax Multi Server 4.3 and 4.5 - Authenticated Path Traversal via DELE Command
Directory traversal vulnerability in Sysax Multi Server 4.3 and 4.5 allows remote authenticated users to delete arbitrary files via a ..// (dot dot slash slash) in a DELE command.
CVE-2009-1031 EXPLOITDB perl WORKING POC
Serv-U File Server 7.0.0.1-7.4.0.1 - Unauthenticated Directory Traversal via FTP MKD Command
Directory traversal vulnerability in the FTP server in Rhino Software Serv-U File Server 7.0.0.1 through 7.4.0.1 allows remote attackers to create arbitrary directories via a \.. (backslash dot dot) in an MKD request.
EIP-2026-118626 EXPLOITDB perl WORKING POC
GuildFTPd FTP Server 0.999.14 - Remote Delete Files
EIP-2026-118655 EXPLOITDB c WORKING POC
httpdx 0.8 - FTP Server Delete/Get/Create Directories/Files
CVE-2008-2032 EXPLOITDB c WORKING POC
Acritum Femitter Server 1.03 - Denial of Service via Crafted RETR Commands
The FTP service in Acritum Femitter Server 1.03 allows remote attackers to cause a denial of service (crash) by sending multiple crafted RETR commands. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2009-1668 EXPLOITDB c WORKING POC
TYPSoft FTP Server 1.11 - Denial of Service via ABOR Command
TYPSoft FTP Server 1.11 allows remote attackers to cause a denial of service (CPU consumption) by sending an ABOR (abort) command without an active file transfer.
CVE-2009-0967 EXPLOITDB perl WORKING POC
Serv-U File Server 7.0.0.1-7.4.0.1 - Authenticated Denial of Service via SMNT Command
The FTP server in Serv-U 7.0.0.1 through 7.4.0.1 allows remote authenticated users to cause a denial of service (service hang) via a large number of SMNT commands without an argument.
EIP-2026-116210 EXPLOITDB perl WORKING POC
Sami HTTP Server 2.x - 'HEAD' Remote Denial of Service
EIP-2026-116600 EXPLOITDB perl WORKING POC
Xitami Web Server 5.0 - Remote Denial of Service
CVE-2008-5626 EXPLOITDB c WORKING POC
XM Easy Personal FTP Server 5.6.0 - DoS
XM Easy Personal FTP Server 5.6.0 allows remote authenticated users to cause a denial of service via a crafted argument to the NLST command, as demonstrated by a -1 argument.
EIP-2026-116642 EXPLOITDB perl WORKING POC
Zervit Web Server 0.3 - sockets++ crash Remote Denial of Service
EIP-2026-115403 EXPLOITDB perl WORKING POC
httpdx 1.5.3 - '.png' File Handling Remote Denial of Service
EIP-2026-115073 EXPLOITDB perl WORKING POC
CompleteFTP 3.3.0 - Remote Memory Consumption Denial of Service
EIP-2026-111793 EXPLOITDB perl WORKING POC
RoomPHPlanning 1.6 - 'userform.php' Create Admin User
CVE-2009-4888 EXPLOITDB text WORKING POC
PHortail 1.2.1 - Cross-Site Scripting via Poster.php Parameters
Cross-site scripting (XSS) vulnerability in poster.php in PHortail 1.2.1 allows remote attackers to inject arbitrary web script or HTML via the (1) pseudo, (2) email, (3) ti, and (4) txt parameters.
CVE-2010-1301 EXPLOITDB perl WORKING POC
Centreon 2.1.5 - SQL Injection via host_id Parameter
SQL injection vulnerability in main.php in Centreon 2.1.5 allows remote attackers to execute arbitrary SQL commands via the host_id parameter.
CVE-2011-1938 EXPLOITDB php WORKING POC
PHP 5.3.3-5.3.6 - Stack-Based Buffer Overflow in socket_connect
Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow context-dependent attackers to execute arbitrary code via a long pathname for a UNIX socket.
EIP-2026-103674 EXPLOITDB c WORKING POC
SW-HTTPD Server 0.x - Remote Denial of Service
EIP-2026-102656 EXPLOITDB c WORKING POC
Linux Kernel 3.0.5 - 'test_root()' Local Denial of Service