Matthew Murphy

51 exploits Active since Aug 2002
CVE-2002-1021 EXPLOITDB text WORKING POC
BadBlue - Unauthenticated Arbitrary File Read via Hex-Encoded Null Byte
BadBlue server allows remote attackers to read restricted files, such as EXT.INI, via an HTTP request that contains a hex-encoded null byte.
CVE-2002-2170 EXPLOITDB html WORKING POC
BadBlue Enterprise Edition <1.74 - RCE
Working Resources Inc. BadBlue Enterprise Edition 1.7 through 1.74 attempts to restrict administrator actions to the IP address of the local host, but does not provide additional authentication, which allows remote attackers to execute arbitrary code via a web page containing an HTTP POST request that accesses the dir.hts page on the localhost and adds an entire hard drive to be shared.
EIP-2026-119294 EXPLOITDB text WORKING POC
Working Resources 1.7.x/2.15 BadBlue - 'ext.dll' Command Execution
CVE-2002-1683 EXPLOITDB text WORKING POC
BadBlue Personal Edition 1.7.3 - Cross-Site Scripting via cleanSearchString() Function
Cross-site scripting (XSS) vulnerability in BadBlue Personal Edition 1.7.3 allows remote attackers to execute arbitrary script as other users by injecting script into the cleanSearchString() function.
CVE-2002-1685 EXPLOITDB text WORKING POC
BadBlue 1.7 and 1.7.2 - Cross-Site Scripting via ext.dll ISAPI
Cross-site scripting vulnerability (XSS) in BadBlue Enterprise Edition and Personal Edition 1.7 and 1.7.2 allows remote attackers to execute arbitrary script as other users by injecting script into ext.dll ISAPI.
CVE-2002-1455 EXPLOITDB text WORKING POC
OmniHTTPd - Cross-Site Scripting via test.php, test.shtml, or redir.exe
Multiple cross-site scripting (XSS) vulnerabilities in OmniHTTPd allow remote attackers to insert script or HTML into web pages via (1) test.php, (2) test.shtml, or (3) redir.exe.
EIP-2026-118983 EXPLOITDB text WORKING POC
OmniHTTPd 1.1/2.0.x/2.4 - Sample Application URL Encoded Newline HTML Injection
CVE-2002-2192 EXPLOITDB text WORKING POC
Perception LiteServe 2.0.1 - Cross-Site Scripting via Host Header or Directory Query String
Cross-site scripting (XSS) vulnerability in Perception LiteServe 2.0.1 allows remote attackers to execute arbitrary web script via (1) a Host: header when DNS wildcards are supported or (2) the query string in a "dir" request to indexed folders.
CVE-2002-1008 EXPLOITDB text WORKING POC
Lil' HTTP Server - Cross-Site Scripting via urlcount.cgi REPORT Function
Cross-site scripting vulnerability in PowerBASIC urlcount.cgi, as included in Lil' HTTP web server, allows remote attackers to execute arbitrary web script in other web browsers via a request to urlcount.cgi that contains the script, which is not filtered when the REPORT capability prints the original request.
CVE-2002-1009 EXPLOITDB text WORKING POC
Lil' HTTP Server - Cross-Site Scripting via Name or E-mail Parameters
Cross-site scripting vulnerability in PowerBASIC pbcgi.cgi, as included in Lil' HTTP web server, allows remote attackers to execute arbitrary web script in other web browsers via the (1) "Name" or (2) "E-mail" parameters.
CVE-2002-1455 EXPLOITDB text WORKING POC
OmniHTTPd - Cross-Site Scripting via test.php, test.shtml, or redir.exe
Multiple cross-site scripting (XSS) vulnerabilities in OmniHTTPd allow remote attackers to insert script or HTML into web pages via (1) test.php, (2) test.shtml, or (3) redir.exe.
CVE-2002-1209 EXPLOITDB text WORKING POC
SolarWinds TFTP Server <5.0.55 - Path Traversal
Directory traversal vulnerability in SolarWinds TFTP Server 5.0.55, and possibly earlier, allows remote attackers to read arbitrary files via "..\" (dot-dot backslash) sequences in a GET request.
CVE-2002-2192 EXPLOITDB text WRITEUP
Perception LiteServe 2.0.1 - Cross-Site Scripting via Host Header or Directory Query String
Cross-site scripting (XSS) vulnerability in Perception LiteServe 2.0.1 allows remote attackers to execute arbitrary web script via (1) a Host: header when DNS wildcards are supported or (2) the query string in a "dir" request to indexed folders.
CVE-2006-0005 EXPLOITDB perl WORKING POC
Windows Media Player 9-10 - Remote Code Execution via Long EMBED src Attribute
Buffer overflow in the plug-in for Microsoft Windows Media Player (WMP) 9 and 10, when used in browsers other than Internet Explorer and set as the default application to handle media files, allows remote attackers to execute arbitrary code via HTML with an EMBED element containing a long src attribute.
CVE-2002-1973 EXPLOITDB c WORKING POC
Microsoft Foundation Class Library - Buffer Overflow in CHttpServer::OnParseError via Long Query String
Buffer overflow in CHttpServer::OnParseError in the ISAPI extension (Isapi.cpp) when built using Microsoft Foundation Class (MFC) static libraries in Visual C++ 5.0, and 6.0 before SP3, as used in multiple products including BadBlue, allows remote attackers to cause a denial of service (access violation and crash) and possibly execute arbitrary code via a long query string that causes a parsing error.
CVE-2006-0005 EXPLOITDB html WORKING POC
Windows Media Player 9-10 - Remote Code Execution via Long EMBED src Attribute
Buffer overflow in the plug-in for Microsoft Windows Media Player (WMP) 9 and 10, when used in browsers other than Internet Explorer and set as the default application to handle media files, allows remote attackers to execute arbitrary code via HTML with an EMBED element containing a long src attribute.
EIP-2026-118809 EXPLOITDB text WORKING POC
Microsoft Internet Explorer 5 - Classic Mode FTP Client Cross Domain Scripting
EIP-2026-118864 EXPLOITDB text WRITEUP
Microsoft Outlook Express 5/6 - Spoofable File Extensions
CVE-2006-2094 EXPLOITDB html WORKING POC
Microsoft IE - Race Condition
Microsoft Internet Explorer before Windows XP Service Pack 2 and Windows Server 2003 Service Pack 1, when Prompt is configured in Security Settings, uses modal dialogs to verify that a user wishes to run an ActiveX control or perform other risky actions, which allows user-assisted remote attackers to construct a race condition that tricks a user into clicking an object or pressing keys that are actually applied to a "Yes" approval for executing the control.
EIP-2026-118837 EXPLOITDB html WORKING POC
Microsoft Internet Explorer 6 - Shell.Application Object Script Execution
CVE-2002-1965 EXPLOITDB text WRITEUP
Imatix Xitami 2.5b4 and 2.5b5 - Cross-Site Scripting via User-Agent Field
Cross-site scripting (XSS) vulnerability in Errors.gsl in Imatix Xitami 2.5b4 and 2.5b5 allows remote attackers to inject arbitrary web script or HTML via the (1) Javascript events, as demonstrated via an onerror event in an IMG SRC tag or (2) User-Agent field in an HTTP GET request.
EIP-2026-118258 EXPLOITDB text WORKING POC
AN HTTPD 1.x - Count.pl Directory Traversal
CVE-2002-2417 EXPLOITDB text WORKING POC
acFTP 1.4 - Improper Authentication
acFTP 1.4 does not properly handle when an invalid password is provided by the user during authentication, which allows remote attackers to hide or misrepresent certain activity from log files and possibly gain privileges.
CVE-2002-1023 EXPLOITDB text WORKING POC
BadBlue - Denial of Service via Empty HTTP GET Request
BadBlue server allows remote attackers to cause a denial of service (crash) via an HTTP GET request without a URI.
CVE-2002-1714 EXPLOITDB html WORKING POC
Microsoft Internet Explorer 5.0-6.0 - Denial of Service via Recursive HTML Object Handling
Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to cause a denial of service (crash) via an object of type "text/html" with the DATA field that identifies the HTML document that contains the object, which may cause infinite recursion.