Stefan Lochbihler

7 exploits Active since Nov 2005
EIP-2026-115913 EXPLOITDB c WORKING POC
Neon Responder 5.4 - Clock Synchronization Denial of Service
CVE-2005-3812 EXPLOITDB c WORKING POC
freeFTPd 1.0.10 - Authenticated Denial of Service via PORT Command
freeFTPd 1.0.10 allows remote authenticated users to cause a denial of service (null dereference and crash) via a PORT command with missing arguments.
CVE-2005-3790 EXPLOITDB text WORKING POC
phpwcms 1.2.5 - Cross-Site Scripting via i and text Parameters
Multiple cross-site scripting (XSS) vulnerabilities in act_newsletter.php in phpwcms 1.2.5 allow remote attackers to inject arbitrary web script or HTML via the (1) i and (2) text parameters.
CVE-2005-3789 EXPLOITDB text WORKING POC
phpwcms 1.2.5 - Directory Traversal via form_lang or imgdir Parameter
Multiple directory traversal vulnerabilities in phpwcms 1.2.5 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) form_lang parameter in login.php and (2) the imgdir parameter in random_image.php.
CVE-2005-3789 EXPLOITDB text WRITEUP
phpwcms 1.2.5 - Directory Traversal via form_lang or imgdir Parameter
Multiple directory traversal vulnerabilities in phpwcms 1.2.5 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) form_lang parameter in login.php and (2) the imgdir parameter in random_image.php.
EIP-2026-111202 EXPLOITDB c WORKING POC
PHPsFTPd 0.2/0.4 - 'Inc.login.php' Privilege Escalation
CVE-2006-1941 EXPLOITDB c WORKING POC
Neon Responder 5.4 - Denial of Service via Crafted Clock Synchronisation Packet
Neon Responder 5.4 for LANsurveyor allows remote attackers to cause a denial of service (application outage) via a crafted Clock Synchronisation packet that triggers an access violation.