Michal Majchrowicz

6 exploits Active since Mar 2007
CVE-2023-45184 NOMISEC MEDIUM WORKING POC
IBM i Access Client Solutions <1.1.2, 1.1.4.3-1.1.9.3 - Info Disclo...
IBM i Access Client Solutions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.3 could allow an attacker to obtain a decryption key due to improper authority checks. IBM X-Force ID: 268270.
CVSS 6.2
CVE-2007-1492 EXPLOITDB text WORKING POC
Microsoft Windows XP - Denial of Service
winmm.dll in Microsoft Windows XP allows user-assisted remote attackers to cause a denial of service (infinite loop) via a large cch argument value to the mmioRead function, as demonstrated by a crafted WAV file.
CVE-2007-3171 EXPLOITDB text WRITEUP
Uebimiau Webmail - Info Disclosure
Uebimiau Webmail allows remote attackers to obtain sensitive information via a request to demo/pop3/error.php with an invalid value of the (1) smarty or (2) selected_theme parameter, which reveals the path in various error messages.
CVE-2007-3170 EXPLOITDB text WRITEUP
Uebimiau - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Uebimiau Webmail allow remote attackers to inject arbitrary web script or HTML via (1) the PATH_INFO to redirect.php or (2) the selected_theme parameter to demo/pop3/error.php.
CVE-2007-5728 EXPLOITDB text WORKING POC
Phppgadmin - XSS
Cross-site scripting (XSS) vulnerability in phpPgAdmin 3.5 to 4.1.1, and possibly 4.1.2, allows remote attackers to inject arbitrary web script or HTML via certain input available in PHP_SELF in (1) redirect.php, possibly related to (2) login.php, different vectors than CVE-2007-2865.
CVE-2007-2865 EXPLOITDB text WRITEUP
phpPgAdmin 4.1.1 - XSS
Cross-site scripting (XSS) vulnerability in sqledit.php in phpPgAdmin 4.1.1 allows remote attackers to inject arbitrary web script or HTML via the server parameter.