lorenzo

4 exploits Active since Aug 2004
CVE-2006-1111 EXPLOITDB text WORKING POC
Aztek Forum 4.0 - Information Disclosure via msg Parameter SQL Error
Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a "*/*" in the msg parameter to index.php, which reveals usernames and passwords in a MySQL error message, possibly due to a forced SQL error or SQL injection.
CVE-2006-1110 EXPLOITDB text WORKING POC
Aztek Forum 4.0 - Stored Cross-Site Scripting via Message Body
Cross-site scripting (XSS) vulnerability in Aztek Forum 4.0 allows remote attackers to inject arbitrary web script or HTML via the message body in a new message.
CVE-2006-1112 EXPLOITDB text WORKING POC
Aztek Forum 4.0 - Information Disclosure via Long Login Value
Aztek Forum 4.0 allows remote attackers to obtain sensitive information via a long login value in a register form, which displays the installation path in a MySQL error message.
CVE-2004-0554 EXPLOITDB c WORKING POC
Linux kernel 2.4.x-2.6.x - DoS
Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program.