Peter Winter-Smith

20 exploits Active since Aug 2003
CVE-2018-10933 NOMISEC CRITICAL WORKING POC
libssh Authentication Bypass Scanner
A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access.
CVSS 9.1
CVE-2018-10933 METASPLOIT CRITICAL ruby WORKING POC
libssh Authentication Bypass Scanner
A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access.
CVSS 9.1
CVE-2004-1784 EXPLOITDB perl WORKING POC
Webcam Watchdog 3.63 - Remote Code Execution via Long HTTP GET Request
Buffer overflow in the web server of Webcam Watchdog 3.63 allows remote attackers to execute arbitrary code via a long HTTP GET request.
EIP-2026-119247 EXPLOITDB text WRITEUP
vicomsoft rapidcache server 2.0/2.2.6 - Directory Traversal
EIP-2026-118953 EXPLOITDB text WORKING POC
NETObserve 2.0 - Authentication Bypass
CVE-2004-0200 EXPLOITDB c WORKING POC
Microsoft .NET Framework - Remote Code Execution via JPEG COM Field Length Overflow
Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
EIP-2026-118778 EXPLOITDB text WRITEUP
Methodus 3 Web Server - File Disclosure
CVE-2003-1192 EXPLOITDB perl WORKING POC
IA WebMail Server 3.1.0 - Stack-Based Buffer Overflow via Long GET Request
Stack-based buffer overflow in IA WebMail Server 3.1.0 allows remote attackers to execute arbitrary code via a long GET request.
CVE-2003-1339 EXPLOITDB perl WORKING POC
ezmeeting - Stack-based Buffer Overflow via Long GET Request or SwEzModule.dll Parameters
Stack-based buffer overflow in eZnet.exe, as used in eZ (a) eZphotoshare, (b) eZmeeting, (c) eZnetwork, and (d) eZshare allows remote attackers to cause a denial of service (crash) or execute arbitrary code, as demonstrated via (1) a long GET request and (2) a long operation or autologin parameter to SwEzModule.dll.
CVE-2003-1192 EXPLOITDB perl WORKING POC
IA WebMail Server 3.1.0 - Stack-Based Buffer Overflow via Long GET Request
Stack-based buffer overflow in IA WebMail Server 3.1.0 allows remote attackers to execute arbitrary code via a long GET request.
CVE-2003-0561 EXPLOITDB text WRITEUP
IglooFTP PRO 3.8 - Remote Code Execution via Long FTP Banner or Command Response
Multiple buffer overflows in IglooFTP PRO 3.8 allow remote FTP servers to execute arbitrary code via (1) a long FTP banner, or long responses to the client commands (2) USER, (3) PASS, (4) ACCT, and possibly other commands.
CVE-2004-2114 EXPLOITDB perl WORKING POC
ProxyNow! 2.75 - Remote Code Execution via Long FTP URL
Stack-based and heap-based buffer overflows in ProxyNow! 2.75 and earlier allow remote attackers to execute arbitrary code via a GET request with a long ftp:// URL.
CVE-2004-0245 EXPLOITDB perl WORKING POC
Web Crossing 4.x and 5.x - Denial of Service via HTTP POST Content-Length
Web Crossing 4.x and 5.x allows remote attackers to cause a denial of service (crash) by sending a HTTP POST request with a large or negative Content-Length, which causes an integer divide-by-zero.
EIP-2026-115232 EXPLOITDB perl WORKING POC
EZPhotoShare 1.0/1.1 - Memory Corruption
EIP-2026-109929 EXPLOITDB text WRITEUP
Newsscript 1.0 - Administrative Privilege Escalation
EIP-2026-106311 EXPLOITDB text WORKING POC
CutePHP CuteNews 1.3 - HTML Injection
EIP-2026-104680 EXPLOITDB perl WORKING POC
ProjectForum 8.4.2.1 - Find Request Denial of Service
EIP-2026-104046 EXPLOITDB text WRITEUP
P-News 1.16 - Administrative Account Creation
EIP-2026-103692 EXPLOITDB text WORKING POC
Vicomsoft RapidCache Server 2.0/2.2.6 - Host Argument Denial of Service
CVE-2004-1792 EXPLOITDB text WORKING POC
YaSoft Switch Off <= 2.3 - Denial of Service via Long Packet with CRLF Sequences
swnet.dll in YaSoft Switch Off 2.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a long packet with two CRLF sequences to the service management port (TCP 8000).