Josh Zlatin-Amishav

4 exploits Active since Nov 2005
CVE-2005-3813 EXPLOITDB text WORKING POC
MailEnable Professional 1.7 and Enterprise 1.1 - Authenticated Denial of Service via IMAP RENAME Command
IMAP service (meimaps.exe) of MailEnable Professional 1.7 and Enterprise 1.1 allows remote authenticated attackers to cause a denial of service (application crash) by using RENAME with a non-existent mailbox, a different vulnerability than CVE-2005-3690.
CVE-2006-0315 EXPLOITDB text WRITEUP
EZDatabase < 2.1.1 - Directory Traversal and Cross-Site Scripting via p Parameter
index.php in EZDatabase before 2.1.2 does not properly cleanse the p parameter before constructing and including a .php filename, which allows remote attackers to conduct directory traversal attacks, and produces resultant cross-site scripting (XSS) and path disclosure.
EIP-2026-106716 EXPLOITDB text WRITEUP
EasyGuppy 4.5.4/4.5.5 - 'Printfaq.php' Directory Traversal
CVE-2006-0911 EXPLOITDB text WORKING POC
Ipswitch WhatsUp Professional 2006 - Denial of Service via Crafted Login.asp Requests
NmService.exe in Ipswitch WhatsUp Professional 2006 allows remote attackers to cause a denial of service (CPU consumption) via crafted requests to Login.asp, possibly involving the (1) "In]" and (2) "b;tnLogIn" parameters, or (3) malformed btnLogIn parameters, possibly involving missing "[" (open bracket) or "[" (closing bracket) characters, as demonstrated by "&btnLogIn=[Log&In]=&" or "&b;tnLogIn=[Log&In]=&" in the URL. NOTE: due to the lack of diagnosis by the original researcher, the precise nature of the vulnerability is unclear.