Stefan Schurtz

58 exploits Active since Jun 2008
CVE-2012-3835 EXPLOITDB text WORKING POC
AlienVault OSSIM 3.1 - Cross-Site Scripting via URL Parameter or Time Parameter
Multiple cross-site scripting (XSS) vulnerabilities in AlienVault Open Source Security Information Management (OSSIM) 3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) url parameter to top.php or (2) time[0][0] parameter to forensics/base_qry_main.php, which is not properly handled in an error page.
CVE-2012-6528 EXPLOITDB text WORKING POC
ATutor < 2.1 - Cross-Site Scripting via PATH_INFO
Multiple cross-site scripting (XSS) vulnerabilities in ATutor before 2.1 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to (1) themes/default/tile_search/index.tmpl.php, (2) login.php, (3) search.php, (4) password_reminder.php, (5) login.php/jscripts/infusion, (6) login.php/mods/_standard/flowplayer, (7) browse.php/jscripts/infusion/framework/fss, (8) registration.php/themes/default/ie_styles.css, (9) about.php, or (10) themes/default/social/basic_profile.tmpl.php.
CVE-2011-4564 EXPLOITDB text WORKING POC
Active CMS 1.2 - Cross-Site Scripting via Admin Script Mod Parameter
Cross-site scripting (XSS) vulnerability in the admin script in Active CMS 1.2 allows remote attackers to inject arbitrary web script or HTML via the mod parameter in a module action.
EIP-2026-104938 EXPLOITDB text WRITEUP
AdaptCMS 2.0.1 - Cross-Site Scripting / Information Disclosure
CVE-2012-4749 EXPLOITDB text WRITEUP
Admidio 2.3.5 - Multiple Vulnerabilities
EIP-2026-104338 EXPLOITDB text WRITEUP
Metasploit Web UI 4.1.0 - Persistent Cross-Site Scripting
CVE-2011-2179 EXPLOITDB text WORKING POC
Icinga < 1.4.0 - Cross-Site Scripting via Expand Parameter
Multiple cross-site scripting (XSS) vulnerabilities in config.c in config.cgi in (1) Nagios 3.2.3 and (2) Icinga before 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the expand parameter, as demonstrated by an (a) command action or a (b) hosts action.
EIP-2026-102694 EXPLOITDB text WORKING POC
Nagios Plugins check_ups - Local Buffer Overflow (PoC)