I'm on Mastodon and Twitter

Archive of vulnerabilities discovered by Larry Cashdollar

[About me] [Advisories] [/proc/misc/] [/dev/null] [/dev/exploits] [Research] [Blog] [Wordpress plugins XSS DB]

Latest EntriesDate
CreativeDream software arbitrary file upload2022-09-08
The Solaris 11 utility nsdb-convert and other fedfs scripts use temporary files insecurely2020-10-20
Solaris 11 x86 nsdb-update-nci utility can reveal password in temporary file2020-10-20
SQL Injection in search field of phpzag live add edit delete data tables records with ajax php mysql2020-05-19
Insecure /tmp file use in Oracle Solaris 11 Device Driver Utility v1.3.1 leads to root2020-02-02
Recent ExploitsDate
jQuery File Upload <= 9.22.0 Exploit10/29/2018
Research ToolsDate
Ruby Gem Vulnerability Miner08/14/2014
WordPress Plugin Downloader10/18/2014
WordPress Theme Downloader10/18/2014


A look at CMSs from a vulnerability researchers view
A blog post on my research for Akamai's SOTI in Q2
A blog post on Wordpress plugins I wrote
A blog post on Writing exploits for Wordpress Plugin vulnerabilities
A blog entry by Bill Brenner on my Thyroid Cancer