Archive of vulnerabilities discovered by Larry Cashdollar
[About me] [Advisories] [/proc/misc/] [/dev/null] [/dev/exploits] [Research] [Blog] [Wordpress plugins XSS DB]
| Latest Entries | Date |
| CreativeDream software arbitrary file upload | 2022-09-08 | The Solaris 11 utility nsdb-convert and other fedfs scripts use temporary files insecurely | 2020-10-20 | Solaris 11 x86 nsdb-update-nci utility can reveal password in temporary file | 2020-10-20 | SQL Injection in search field of phpzag live add edit delete data tables records with ajax php mysql | 2020-05-19 | Insecure /tmp file use in Oracle Solaris 11 Device Driver Utility v1.3.1 leads to root | 2020-02-02 |
| Recent Exploits | Date |
| jQuery File Upload <= 9.22.0 Exploit | 10/29/2018 |
| Research Tools | Date |
| Ruby Gem Vulnerability Miner | 08/14/2014 |
| WordPress Plugin Downloader | 10/18/2014 |
| WordPress Theme Downloader | 10/18/2014 |
Links
A look at CMSs from a vulnerability researchers viewA blog post on my research for Akamai's SOTI in Q2
A blog post on Wordpress plugins I wrote
A blog post on Writing exploits for Wordpress Plugin vulnerabilities
A blog entry by Bill Brenner on my Thyroid Cancer