Krzysztof Kotowicz

7 exploits, active since Jun 2011
CVE-2013-6805 WRITEUP WORKING POC
OpenText Exceed OnDemand - Cryptographic Issue
OpenText Exceed OnDemand (EoD) 8 uses weak encryption for passwords, which makes it easier for (1) remote attackers to discover credentials by sniffing the network or (2) local users to discover credentials by reading a .eod8 file.
CVE-2013-6806 WRITEUP WORKING POC
OpenText Exceed OnDemand - Authentication Bypass
OpenText Exceed OnDemand (EoD) 8 allows man-in-the-middle attackers to disable bidirectional authentication and obtain sensitive information via a crafted string in a response, which triggers a downgrade to simple authentication that sends credentials in plaintext.
CVE-2013-6807 WRITEUP WORKING POC
OpenText Exceed OnDemand - Cryptographic Issue
The client in OpenText Exceed OnDemand (EoD) 8 supports anonymous ciphers by default, which allows man-in-the-middle attackers to bypass server certificate validation, redirect a connection, and obtain sensitive information via crafted responses.
CVE-2013-6994 WRITEUP WORKING POC
OpenText Exceed OnDemand - Cryptographic Issue
OpenText Exceed OnDemand (EoD) 8 transmits the session ID in cleartext, which allows remote attackers to perform session fixation attacks by sniffing the network.
CVE-2011-4885 METASPLOIT ruby WORKING POC
PHP < 5.3.8 - Improper Input Validation
PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
CVE-2012-1915 EXPLOITDB MEDIUM text WRITEUP
CodeIgniter < 2.1.2 - XSS
EllisLab CodeIgniter 2.1.2 allows remote attackers to bypass the xss_clean() filter and perform XSS attacks.
CVSS 6.1
CVE-2011-2202 EXPLOITDB text WORKING POC
PHP < 5.3.7 - Path Traversal
The rfc1867_post_handler function in main/rfc1867.c in PHP before 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, which allows remote attackers to conduct absolute path traversal attacks, and possibly create or overwrite arbitrary files, via a crafted upload request, related to a "file path injection vulnerability."