Archive of vulnerabilities discovered by Larry Cashdollar



[About me] [Advisories] [/proc/misc/] [/dev/null] [/dev/exploits] [Research] [Blog] [Wordpress plugins XSS DB]


Latest EntriesDate
The Solaris 11 utility nsdb-convert and other fedfs scripts use temporary files insecurely2020-10-20
Solaris 11 x86 nsdb-update-nci utility can reveal password in temporary file2020-10-20
SQL Injection in search field of phpzag live add edit delete data tables records with ajax php mysql2020-05-19
Insecure /tmp file use in Oracle Solaris 11 Device Driver Utility v1.3.1 leads to root2020-02-02
Arbitrary file upload vulnerability in upload-image-with-ajax2019-12-16
Recent ExploitsDate
jQuery File Upload <= 9.22.0 Exploit10/29/2018
Research ToolsDate
Ruby Gem Vulnerability Miner08/14/2014
WordPress Plugin Downloader10/18/2014
WordPress Theme Downloader10/18/2014

Links

A look at CMSs from a vulnerability researchers view
A blog post on my research for Akamai's SOTI in Q2
A blog post on Wordpress plugins I wrote
A blog post on Writing exploits for Wordpress Plugin vulnerabilities
A blog entry by Bill Brenner on my Thyroid Cancer