Ziv Kamir

25 exploits Active since Dec 2004
CVE-2005-3293 EXPLOITDB text WRITEUP
Xerver 4.17 - Info Disclosure
Xerver 4.17 allows remote attackers to (1) obtain source code of scripts via a request with a trailing "." (dot) or (2) list directory contents via a trailing null character.
CVE-2005-3293 EXPLOITDB text WRITEUP
Xerver 4.17 - Info Disclosure
Xerver 4.17 allows remote attackers to (1) obtain source code of scripts via a request with a trailing "." (dot) or (2) list directory contents via a trailing null character.
CVE-2005-4774 EXPLOITDB text WRITEUP
Xerver 4.17 - XSS
Cross-site scripting (XSS) vulnerability in Xerver 4.17 allows remote attackers to inject arbitrary web script or HTML after a /%00/ sequence at the end of the URI.
EIP-2026-118936 EXPLOITDB text WRITEUP
MyServer 0.4.1/0.4.2 - HTTP Server Directory Traversal
EIP-2026-119139 EXPLOITDB text WRITEUP
silentthought simple Web server 1.0 - Directory Traversal
CVE-2004-2487 EXPLOITDB text WORKING POC
Nexgen FTP Server <2.2.3.23 - Path Traversal
Directory traversal vulnerability in Nexgen FTP Server before 2.2.3.23 allows remote authenticated users to read or list arbitrary files via (1) "..", (2) "\..\" (backslash dot dot), or (3) "/../" sequences in (a) RETR (get), (b) NLST (ls), (c) LIST (ls), (d) RNFR, or (e) RNTO FTP commands.
EIP-2026-118553 EXPLOITDB text WRITEUP
FloosieTek FTGatePro 1.22 - Mail Server Full Path Disclosure
EIP-2026-118552 EXPLOITDB text WORKING POC
FloosieTek FTGatePro 1.22 - Mail Server Cross-Site Scripting
EIP-2026-118348 EXPLOITDB text WRITEUP
Cerberus FTP Server 2.1 - Information Disclosure
EIP-2026-118281 EXPLOITDB text WRITEUP
ArGoSoft 1.8.x - Authentication Bypass
EIP-2026-116535 EXPLOITDB perl WORKING POC
WinAgents TFTP Server 3.0 - Remote Buffer Overrun
EIP-2026-116528 EXPLOITDB text WRITEUP
WebBBS Pro 1.18 - GET Denial of Service
EIP-2026-114983 EXPLOITDB perl WORKING POC
BaSoMail Server 1.24 - POP3/SMTP Remote Denial of Service
EIP-2026-114981 EXPLOITDB text WORKING POC
BaSoMail 1.24 - POP3 Server Denial of Service
EIP-2026-114982 EXPLOITDB text WRITEUP
BaSoMail 1.24 - SMTP Server Command Buffer Overflow
CVE-2004-2071 EXPLOITDB text WRITEUP
Macallan Mail Solution <2.8.4.6 - Auth Bypass
Macallan Mail Solution 2.8.4.6 (Build 260), and possibly earlier versions, allows remote attackers to bypass authentication in the web interface via an HTTP GET request with two slashes ("//") after the server name.
EIP-2026-109176 EXPLOITDB text WRITEUP
LiteWEB Web Server 2.5 - Authentication Bypass
EIP-2026-104095 EXPLOITDB text WORKING POC
SurgeLDAP 1.0 d - Full Path Disclosure
EIP-2026-104051 EXPLOITDB text WRITEUP
PostMaster 3.16/3.17 Proxy Service - Cross-Site Scripting
EIP-2026-103840 EXPLOITDB text WORKING POC
Aiglon Web Server 2.0 - Installation Path Information Disclosure
EIP-2026-103461 EXPLOITDB perl WORKING POC
Eternal Lines Web Server 1.0 - Remote Denial of Service
EIP-2026-100905 EXPLOITDB text WORKING POC
SurgeLDAP 1.0 d - 'User.cgi' Cross-Site Scripting
CVE-2004-2636 EXPLOITDB text WRITEUP
TinyWeb 1.9 - Info Disclosure
TinyWeb 1.9 allows remote attackers to read source code of scripts via "/./" in the URL.
EIP-2026-100404 EXPLOITDB text WRITEUP
Mailtraq 2.2 - Webmail Utility Full Path Disclosure
EIP-2026-100403 EXPLOITDB text WORKING POC
Mailtraq 2.2 - 'Browse.asp' Cross-Site Scripting