Yu Yang

2 exploits Active since Dec 2004

CVE-2020-21139 WRITEUP MEDIUM WORKING POC

EC Cloud E-Commerce System 1.3 - Cross-Site Request Forgery via Admin Account Addition

EC Cloud E-Commerce System v1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily add admin accounts via /admin.html?do=user&act=add.

CVSS 6.5

View Code

CVE-2004-1150 EXPLOITDB text WORKING POC

Winamp 5.0-5.08c - Stack-Based Buffer Overflow via CDA URL Device Name or Track Number

Stack-based buffer overflow in the in_cdda.dll plugin for Winamp 5.0 through 5.08c allows attackers to execute arbitrary code via a cda:// URL with a long (1) device name or (2) sound track number, as demonstrated with a .m3u or .pls playlist file.

View Code