Remco Verhoef

2 exploits Active since Oct 2005

CVE-2005-3325 EXPLOITDB text WRITEUP

Analysis Console for Intrusion Databases and Basic Analysis and Security Engine - SQL Injection via sig Parameter

Multiple SQL injection vulnerabilities in (1) acid_qry_main.php in Analysis Console for Intrusion Databases (ACID) 0.9.6b20 and (2) base_qry_main.php in Basic Analysis and Security Engine (BASE) 1.2, and unspecified other console scripts in these products, allow remote attackers to execute arbitrary SQL commands via the sig[1] parameter and possibly other parameters.

View Code

CVE-2007-6003 EXPLOITDB text WORKING POC

Thomson SpeedTouch 716 - Firmware 5.4.0.14 - XSS

Cross-site scripting (XSS) vulnerability in cgi/b/ic/connect in the Thomson SpeedTouch 716 with firmware 5.4.0.14 allows remote attackers to inject arbitrary web script or HTML via the url parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

View Code