Oliver Karow

26 exploits Active since Oct 2003
CVE-2004-2748 EXPLOITDB text WRITEUP
NetIQ WebTrends Reporting Center Enterprise Edition 6.1a - Information Disclosure via Invalid profileid Parameter
viewreport.pl in NetIQ WebTrends Reporting Center Enterprise Edition 6.1a allows remote attackers to determine the installation path via an invalid profileid parameter, which leaks the pathname in an error message.
EIP-2026-119363 EXPLOITDB text WRITEUP
Dr. Web Control Center 6.00.3.201111300 - Cross-Site Scripting
CVE-2004-2564 EXPLOITDB text WRITEUP
Sambar Server 6.1 Beta 2 - Cross-Site Scripting via show.asp show Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Sambar Server 6.1 Beta 2 on Windows, and possibly other versions on Linux, allow remote attackers to inject arbitrary web script or HTML via (1) the show parameter in show.asp and (2) the title parameter in showperf.asp.
CVE-2005-1118 EXPLOITDB text WORKING POC
RSA Authentication Agent for Web <5.2 - XSS
Cross-site scripting (XSS) vulnerability in IISWebAgentIF.dll in the RSA Authentication Agent for Web 5.2 allows remote attackers to inject arbitrary web script or HTML via the postdata parameter.
CVE-2004-2565 EXPLOITDB text WRITEUP
Sambar Server 6.1 Beta 2 - Path Traversal
Multiple directory traversal vulnerabilities in Sambar Server 6.1 Beta 2 on Windows, and possibly other versions on Linux, when the administrative IP address restrictions have been modified from the default, allow remote authenticated users to read arbitrary files via (1) a "..\" (dot dot backslash) in the file parameter to showini.asp, or (2) an absolute path with drive letter in the log parameter to showlog.asp.
CVE-2004-2564 EXPLOITDB text WRITEUP
Sambar Server 6.1 Beta 2 - Cross-Site Scripting via show.asp show Parameter
Multiple cross-site scripting (XSS) vulnerabilities in Sambar Server 6.1 Beta 2 on Windows, and possibly other versions on Linux, allow remote attackers to inject arbitrary web script or HTML via (1) the show parameter in show.asp and (2) the title parameter in showperf.asp.
EIP-2026-118677 EXPLOITDB text WORKING POC
Imatix Xitami 2.5 - Server-Side Includes Cross-Site Scripting
CVE-2008-0396 EXPLOITDB text WORKING POC
BitDefender Update Server - Unauthenticated Path Traversal via HTTP Request
Directory traversal vulnerability in BitDefender Update Server (http.exe), as used in BitDefender products including Security for Fileservers and Enterprise Manager (BDEM), allows remote attackers to read arbitrary files via .. (dot dot) sequences in an HTTP request.
CVE-2004-2128 EXPLOITDB text WRITEUP
BRS WebWeaver 1.07 - Cross-Site Scripting via ISAPISkeleton.dll Query String
Cross-site scripting (XSS) vulnerability in BRS WebWeaver 1.07 allows remote attackers to execute arbitrary script as other users via the query string to ISAPISkeleton.dll.
CVE-2005-1708 EXPLOITDB text WORKING POC
Blue Coat Reporter <7.1.2 - Privilege Escalation
templates.admin.users.user_form_processing in Blue Coat Reporter before 7.1.2 allows authenticated users to gain administrator privileges via an HTTP POST that sets volatile.user.administrator to true.
CVE-2005-1709 EXPLOITDB text WRITEUP
Blue Coat Reporter < 7.1.1 - Unauthenticated License Addition
Unknown vulnerability in Blue Coat Reporter before 7.1.2 allows remote unauthenticated attackers to add a license.
EIP-2026-116396 EXPLOITDB perl WORKING POC
TelCondex SimpleWebserver 2.12.30210 build 3285 - HTTP Referer Remote Buffer Overflow
CVE-2004-2022 EXPLOITDB text WORKING POC
ActivePerl - Denial of Service and Possible Remote Code Execution via Long System Command Argument
ActivePerl 5.8.x and others, and Larry Wall's Perl 5.6.1 and others, when running on Windows systems, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long argument to the system command, which leads to a stack-based buffer overflow. NOTE: it is unclear whether this bug is in Perl or the OS API that is used by Perl.
EIP-2026-110017 EXPLOITDB text WRITEUP
Octogate UTM 3.0.12 - Admin Interface Directory Traversal
EIP-2026-104130 EXPLOITDB text WRITEUP
WebWasher Classic 2.2/3.3 - Error Message Cross-Site Scripting
CVE-2005-0316 EXPLOITDB text WORKING POC
WebWasher Classic 2.2.1 and 3.3 - Unauthenticated Access Restriction Bypass via CONNECT Request
WebWasher Classic 2.2.1 and 3.3, when running in server mode, does not properly drop CONNECT requests to the localhost from external systems, which could allow remote attackers to bypass intended access restrictions.
CVE-2006-0254 EXPLOITDB text WRITEUP
Apache Geronimo 1.0 - Cross-Site Scripting via cal2.jsp Time Parameter and Invalid Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Apache Geronimo 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) time parameter to cal2.jsp and (2) any invalid parameter, which causes an XSS when the log file is viewed by the Web-Access-Log viewer.
CVE-2003-1151 EXPLOITDB text WRITEUP
Fastream NETFile Server 6.0.3.588 - XSS
Cross-site scripting (XSS) vulnerability in Fastream NETFile Server 6.0.3.588 allows remote attackers to inject arbitrary web script or HTML via the URL, which is displayed on a "404 Not Found" error page.
CVE-2003-1511 EXPLOITDB text WRITEUP
Bajie Java HTTP Server 0.95-0.95zxv4 - Cross-Site Scripting via Query String or Servlet Parameters
Cross-site scripting (XSS) vulnerability in Bajie Java HTTP Server 0.95 through 0.95zxv4 allows remote attackers to inject arbitrary web script or HTML via (1) the query string to test.txt, (2) the guestName parameter to the custMsg servlet, or (3) the cookiename parameter to the CookieExample servlet.
CVE-2006-0254 EXPLOITDB text WORKING POC
Apache Geronimo 1.0 - Cross-Site Scripting via cal2.jsp Time Parameter and Invalid Parameters
Multiple cross-site scripting (XSS) vulnerabilities in Apache Geronimo 1.0 allow remote attackers to inject arbitrary web script or HTML via the (1) time parameter to cal2.jsp and (2) any invalid parameter, which causes an XSS when the log file is viewed by the Web-Access-Log viewer.
CVE-2005-2729 EXPLOITDB text WORKING POC
Astaro Security Linux 6.0 - Unauthenticated Firewall Bypass via HTTP CONNECT Request
The HTTP proxy in Astaro Security Linux 6.0 does not properly filter HTTP CONNECT requests to localhost, which allows remote attackers to bypass firewall rules and connect to local services.
CVE-2003-0866 EXPLOITDB perl WORKING POC
Apache Tomcat 4.0.x-4.0.3 - Denial of Service via Malformed HTTP Requests
The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service via several requests that do not follow the HTTP protocol, which causes Tomcat to reject later requests.
EIP-2026-100887 EXPLOITDB text WRITEUP
RemotelyAnywhere - Default.HTML Logout Message Injection
EIP-2026-100934 EXPLOITDB text WORKING POC
WebWasher CSM 4.4.1 Build 752 Conf Script - Cross-Site Scripting
CVE-2005-1006 EXPLOITDB text WORKING POC
SonicWALL SOHO 5.1.7.0 - Stored Cross-Site Scripting via URL or User Login Name
Multiple cross-site scripting (XSS) vulnerabilities in SonicWALL SOHO 5.1.7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the URL or (2) the user login name, which is not filtered when the administrator views the log file.