dave b

10 exploits Active since Dec 2010
CVE-2011-5283 EXPLOITDB html WORKING POC
Smoothwall Express 3.1 and 3.0 SP3 - Cross-Site Scripting via IP Parameter in ipinfo.cgi
Cross-site scripting (XSS) vulnerability in the web management interface in httpd/cgi-bin/ipinfo.cgi in Smoothwall Express 3.1 and 3.0 SP3 and earlier allows remote attackers to inject arbitrary web script or HTML via the IP parameter in a Run action.
EIP-2026-106815 EXPLOITDB text WORKING POC
Elastix 2.0.2 - Multiple Cross-Site Scripting Vulnerabilities
CVE-2010-4246 EXPLOITDB text WORKING POC
pfSense 1.2.3 and 2 beta 4 - Cross-Site Scripting via graph.php ifnum or ifname Parameter
Multiple cross-site scripting (XSS) vulnerabilities in graph.php in pfSense 1.2.3 and 2 beta 4 allow remote attackers to inject arbitrary web script or HTML via the (1) ifnum or (2) ifname parameter, a different vulnerability than CVE-2008-1182.
CVE-2010-4412 EXPLOITDB text WORKING POC
pfSense 2 beta 4 - Cross-Site Scripting via id Parameter in pkg_edit.php
Multiple cross-site scripting (XSS) vulnerabilities in pfSense 2 beta 4 allow remote attackers to inject arbitrary web script or HTML via (1) the id parameter in an olsrd.xml action to pkg_edit.php, (2) the xml parameter to pkg.php, or the if parameter to (3) status_graph.php or (4) interfaces.php, a different vulnerability than CVE-2008-1182 and CVE-2010-4246.
CVE-2010-4412 EXPLOITDB text WORKING POC
pfSense 2 beta 4 - Cross-Site Scripting via id Parameter in pkg_edit.php
Multiple cross-site scripting (XSS) vulnerabilities in pfSense 2 beta 4 allow remote attackers to inject arbitrary web script or HTML via (1) the id parameter in an olsrd.xml action to pkg_edit.php, (2) the xml parameter to pkg.php, or the if parameter to (3) status_graph.php or (4) interfaces.php, a different vulnerability than CVE-2008-1182 and CVE-2010-4246.
CVE-2010-4412 EXPLOITDB text WORKING POC
pfSense 2 beta 4 - Cross-Site Scripting via id Parameter in pkg_edit.php
Multiple cross-site scripting (XSS) vulnerabilities in pfSense 2 beta 4 allow remote attackers to inject arbitrary web script or HTML via (1) the id parameter in an olsrd.xml action to pkg_edit.php, (2) the xml parameter to pkg.php, or the if parameter to (3) status_graph.php or (4) interfaces.php, a different vulnerability than CVE-2008-1182 and CVE-2010-4246.
EIP-2026-101343 EXPLOITDB text SCANNER
Lexmark X651de - Printer Ready Message Value HTML Injection
CVE-2010-4412 EXPLOITDB text WRITEUP
pfSense 2 beta 4 - Cross-Site Scripting via id Parameter in pkg_edit.php
Multiple cross-site scripting (XSS) vulnerabilities in pfSense 2 beta 4 allow remote attackers to inject arbitrary web script or HTML via (1) the id parameter in an olsrd.xml action to pkg_edit.php, (2) the xml parameter to pkg.php, or the if parameter to (3) status_graph.php or (4) interfaces.php, a different vulnerability than CVE-2008-1182 and CVE-2010-4246.
EIP-2026-100870 EXPLOITDB text WORKING POC
OpenWrt 10.03 - Multiple Cross-Site Scripting Vulnerabilities
CVE-2011-5284 EXPLOITDB html WORKING POC
Smoothwall < 3.1 - Cross-Site Request Forgery via shutdown.cgi
Cross-site request forgery (CSRF) vulnerability in the web management interface in httpd/cgi-bin/shutdown.cgi in Smoothwall Express 3.1 and 3.0 SP3 and earlier allows remote attackers to hijack the authentication of administrators for requests that perform a reboot via a request to cgi-bin/shutdown.cgi.