pi3ch - Security Researcher - Exploit Intelligence Platform

CVE-2006-0355 EXPLOITDB c WORKING POC

HomeFtp 1.1 - Denial of Service via Long USER and PASS Commands

Helmsman Research (aka CoolUtils) HomeFtp 1.1 allows remote attackers to cause an unspecified denial of service via a long USER command combined with a long PASS command and an NLST command.

View Code

CVE-2006-0357 EXPLOITDB c WORKING POC

Cerberus FTP Server 2.32 - Denial of Service via Long Invalid FTP Command String

Grant Averett Cerberus FTP Server 2.32, and possibly earlier versions, allows remote attackers to cause an unspecified denial of service via a long string that does not contain a valid FTP command.

View Code

EIP-2026-110466 EXPLOITDB text WORKING POC

PaNews 2.0 - Cross-Site Scripting

View Code

CVE-2005-0475 EXPLOITDB text WRITEUP

paFAQ Beta4 - SQL Injection via Multiple Parameters

SQL injection vulnerability in paFAQ Beta4, and possibly other versions, allows remote attackers to execute arbitrary SQL code via the (1) offset, (2) limit, (3) order, or (4) orderby parameter to question.php, (5) offset parameter to answer.php, (6) search_item parameter to search.php, (7) cat_id, (8) cid, or (9) id parameter to comment.php.

View Code

CVE-2005-0475 EXPLOITDB text WRITEUP

paFAQ Beta4 - SQL Injection via Multiple Parameters

SQL injection vulnerability in paFAQ Beta4, and possibly other versions, allows remote attackers to execute arbitrary SQL code via the (1) offset, (2) limit, (3) order, or (4) orderby parameter to question.php, (5) offset parameter to answer.php, (6) search_item parameter to search.php, (7) cat_id, (8) cid, or (9) id parameter to comment.php.

View Code

CVE-2005-0475 EXPLOITDB text WRITEUP

paFAQ Beta4 - SQL Injection via Multiple Parameters

SQL injection vulnerability in paFAQ Beta4, and possibly other versions, allows remote attackers to execute arbitrary SQL code via the (1) offset, (2) limit, (3) order, or (4) orderby parameter to question.php, (5) offset parameter to answer.php, (6) search_item parameter to search.php, (7) cat_id, (8) cid, or (9) id parameter to comment.php.

View Code

CVE-2005-0475 EXPLOITDB text WRITEUP

paFAQ Beta4 - SQL Injection via Multiple Parameters

SQL injection vulnerability in paFAQ Beta4, and possibly other versions, allows remote attackers to execute arbitrary SQL code via the (1) offset, (2) limit, (3) order, or (4) orderby parameter to question.php, (5) offset parameter to answer.php, (6) search_item parameter to search.php, (7) cat_id, (8) cid, or (9) id parameter to comment.php.

View Code