Marc Ruef

9 exploits Active since Feb 2000
CVE-2002-1907 EXPLOITDB text WRITEUP
Telcondex Simplewebserver - Denial of Service
TelCondex SimpleWebServer 2.06.20817 allows remote attackers to cause a denial of service (crash) via a long HTTP GET request.
CVE-2002-1897 EXPLOITDB text WRITEUP
Mywebserver - Buffer Overflow
MyWebServer LLC MyWebServer 1.0.2 allows remote attackers to cause a denial of service (crash) via a long HTTP request, possibly triggering a buffer overflow.
CVE-2003-0375 EXPLOITDB text WRITEUP
XMBforum XMB <1.8.x - XSS
Cross-site scripting (XSS) vulnerability in member.php of XMBforum XMB 1.8.x (aka Partagium) allows remote attackers to insert arbitrary HTML and web script via the "member" parameter.
CVE-2004-1699 EXPLOITDB text WRITEUP
Pinnacle Systems Showcenter - Denial of Service
SettingsBase.php in Pinnacle ShowCenter 1.51 allows remote attackers to cause a denial of service (web interface errors) via an invalid Skin parameter.
CVE-2000-0204 EXPLOITDB text WORKING POC
Trend Micro Officescan - Denial of Service
The Trend Micro OfficeScan client allows remote attackers to cause a denial of service by making 5 connections to port 12345, which raises CPU utilization to 100%.
CVE-2004-2032 EXPLOITDB text WRITEUP
Netgear RP114 - CSRF
Netgear RP114 allows remote attackers to bypass the keyword based URL filtering by requesting a long URL, as demonstrated using a large number of %20 (hex-encoded space) sequences.
CVE-2008-4133 EXPLOITDB text WRITEUP
D-link Dir-100 - Improper Input Validation
The web proxy service on the D-Link DIR-100 with firmware 1.12 and earlier does not properly filter web requests with large URLs, which allows remote attackers to bypass web restriction filters.
EIP-2026-101014 EXPLOITDB text STUB
Dreambox - Web Interface URI Remote Denial of Service
CVE-2007-2832 EXPLOITDB text WRITEUP
Cisco CallManager <4.3 - XSS
Cross-site scripting (XSS) vulnerability in the web application firewall in Cisco CallManager before 3.3(5)sr3, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allows remote attackers to inject arbitrary web script or HTML via the pattern parameter to CCMAdmin/serverlist.asp (aka the search-form) and possibly other unspecified vectors.