Prabhu S Angadi

13 exploits Active since Feb 2012
CVE-2011-4722 METASPLOIT ruby WORKING POC
Ipswitch TFTP Server 1.0.0.24 - Path Traversal via RRQ Filename Field
Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows remote attackers to read arbitrary files via a .. (dot dot) in the Filename field of an RRQ operation.
CVE-2012-1465 METASPLOIT ruby WORKING POC
NetMechanica NetDecision < 4.5.1 - Denial of Service via Long URL
Stack-based buffer overflow in the HTTP Server in NetMechanica NetDecision before 4.6.1 allows remote attackers to cause a denial of service (application crash) via a long URL in an HTTP request. NOTE: some of these details are obtained from third party information.
CVE-2012-1005 EXPLOITDB text WRITEUP
Sphinx Software Mobile Web Server 3.1.2.47 - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Sphinx Software Mobile Web Server 3.1.2.47 allow remote attackers to inject arbitrary web script or HTML via the comment parameter to a blog, as demonstrated using (1) Blog/MyFirstBlog.txt or (2) Blog/AboutSomething.txt.
CVE-2012-1465 EXPLOITDB ruby WORKING POC
NetMechanica NetDecision < 4.5.1 - Denial of Service via Long URL
Stack-based buffer overflow in the HTTP Server in NetMechanica NetDecision before 4.6.1 allows remote attackers to cause a denial of service (application crash) via a long URL in an HTTP request. NOTE: some of these details are obtained from third party information.
CVE-2012-1464 EXPLOITDB python WORKING POC
NetMechanica NetDecision < 4.5.1 - Information Disclosure via Trailing Question Mark
Dashboard Server for NetMechanica NetDecision before 4.6.1 allows remote attackers to obtain the installation path via a request with a trailing "?" character, which causes Dashboard to attempt to access a non-existent resource. NOTE: some of these details are obtained from third party information.
CVE-2012-1466 EXPLOITDB text WORKING POC
NetMechanica NetDecision < 4.5.1 - Unauthenticated Source Code Exposure via Invalid Version Number
The Traffic Grapher Server for NetMechanica NetDecision before 4.6.1 allows remote attackers to obtain the source code of NtDecision script files with a .nd extension via an invalid version number in an HTTP request, as demonstrated using default.nd. NOTE: some of these details are obtained from third party information.
CVE-2011-4722 EXPLOITDB text WORKING POC
Ipswitch TFTP Server 1.0.0.24 - Path Traversal via RRQ Filename Field
Directory traversal vulnerability in the TFTP Server 1.0.0.24 in Ipswitch WhatsUp Gold allows remote attackers to read arbitrary files via a .. (dot dot) in the Filename field of an RRQ operation.
EIP-2026-118611 EXPLOITDB text WRITEUP
GoAhead Web Server 2.5 - 'goform/formTest' Multiple Cross-Site Scripting Vulnerabilities
CVE-2012-1008 EXPLOITDB text WORKING POC
OfficeSIP Server 3.1 - Denial of Service via Crafted SIP INVITE To Header
OfficeSIP Server 3.1 allows remote attackers to cause a denial of service (daemon crash) via a crafted To header in a SIP INVITE message.
CVE-2012-1009 EXPLOITDB text WORKING POC
NetSarang Xlpd and Xmanager Enterprise - Denial of Service via Malformed LPD Request
NetSarang Xlpd 4 Build 0100 and NetSarang Xmanager Enterprise 4 Build 0186 allow remote attackers to cause a denial of service (daemon crash) via a malformed LPD request.
CVE-2012-1465 EXPLOITDB python WORKING POC
NetMechanica NetDecision < 4.5.1 - Denial of Service via Long URL
Stack-based buffer overflow in the HTTP Server in NetMechanica NetDecision before 4.6.1 allows remote attackers to cause a denial of service (application crash) via a long URL in an HTTP request. NOTE: some of these details are obtained from third party information.
CVE-2011-4720 EXPLOITDB text WORKING POC
Hillstone HS TFTP Server 1.3.2 - Denial of Service via Long Filename in RRQ or WRQ Operation
Hillstone HS TFTP Server 1.3.2 allows remote attackers to cause a denial of service (daemon crash) via a long filename in a (1) RRQ or (2) WRQ operation.
EIP-2026-115055 EXPLOITDB python WORKING POC
CiscoKits 1.0 - TFTP Server 'Write Command' Denial of Service