Steve Kemp

4 exploits Active since Jan 2005
CVE-2009-2937 EXPLOITDB text WORKING POC
Intertwingly Planet - XSS
Cross-site scripting (XSS) vulnerability in Planet 2.0 and Planet Venus allows remote attackers to inject arbitrary web script or HTML via the SRC attribute of an IMG element in a feed.
CVE-2004-1212 EXPLOITDB text WRITEUP
Blog Torrent Preview - Path Traversal
Directory traversal vulnerability in btdownload.php in Blog Torrent preview 0.8 allows remote attackers to download arbitrary files via a .. (dot dot) in the file argument.
CVE-2007-2839 EXPLOITDB text WORKING POC
gfax 0.4.2 - Code Injection
gfax 0.4.2 and probably other versions creates temporary files insecurely, which allows local users to execute arbitrary commands via unknown vectors.
CVE-2005-2661 EXPLOITDB c WORKING POC
up-imapproxy <1.2.4 - RCE
Format string vulnerability in the ParseBannerAndCapability function in main.c for up-imapproxy 1.2.3 and 1.2.4 allows remote IMAP servers to execute arbitrary code via format string specifiers in a banner or capability line.