Steve Kemp

4 exploits Active since Jan 2005
CVE-2009-2937 EXPLOITDB text WORKING POC
Planet and Planet Venus - Cross-Site Scripting via IMG SRC Attribute
Cross-site scripting (XSS) vulnerability in Planet 2.0 and Planet Venus allows remote attackers to inject arbitrary web script or HTML via the SRC attribute of an IMG element in a feed.
CVE-2004-1212 EXPLOITDB text WRITEUP
Blog Torrent Preview 0.8 - Directory Traversal via File Argument
Directory traversal vulnerability in btdownload.php in Blog Torrent preview 0.8 allows remote attackers to download arbitrary files via a .. (dot dot) in the file argument.
CVE-2007-2839 EXPLOITDB text WORKING POC
gfax < 0.4.2 - Arbitrary Command Execution via Insecure Temporary File Handling
gfax 0.4.2 and probably other versions creates temporary files insecurely, which allows local users to execute arbitrary commands via unknown vectors.
CVE-2005-2661 EXPLOITDB c WORKING POC
up-imapproxy 1.2.3-1.2.4 - Remote Code Execution via Format String in Banner or Capability Line
Format string vulnerability in the ParseBannerAndCapability function in main.c for up-imapproxy 1.2.3 and 1.2.4 allows remote IMAP servers to execute arbitrary code via format string specifiers in a banner or capability line.