Sebastian Perez

3 exploits Active since Dec 2012
CVE-2015-8398 EXPLOITDB MEDIUM text WRITEUP
Atlassian Confluence <5.8.17 - XSS
Cross-site scripting (XSS) vulnerability in Atlassian Confluence before 5.8.17 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to rest/prototype/1/session/check.
CVSS 6.1
CVE-2012-4991 EXPLOITDB text WRITEUP
Axway SecureTransport <5.1 SP2 - Path Traversal
Multiple directory traversal vulnerabilities in Axway SecureTransport 5.1 SP2 and earlier allow remote authenticated users to (1) read, (2) delete, or (3) create files, or (4) list directories, via a ..%5C (encoded dot dot backslash) in a URI.
CVE-2015-8399 EXPLOITDB MEDIUM text WRITEUP
Atlassian Confluence <5.8.17 - Info Disclosure
Atlassian Confluence before 5.8.17 allows remote authenticated users to read configuration files via the decoratorName parameter to (1) spaces/viewdefaultdecorator.action or (2) admin/viewdefaultdecorator.action.
CVSS 4.3