Change:

WLB2.ORG (World Laboratory of Bugtraq 2)

,

CVEMAP.ORG (CVE Map)

,

cIFrex.ORG (cIFrex Tool)

	WLB2.ORG
Full List

Bugs

Bogus

Tricks

Exploits

	CVEMAP.ORG
Full List

Vendors

Products

	Tools
CWE Dictionary

Dorks List

cIFrex

	Search
Bugtraq

CVEMAP

CVE Id

CWE Id

	RSS
Full List

Bugs

Exploits

Dorks

	Others
Advertisement

Add note

About



	Submit
To add a note, or send email to


	Links

[ Bugs ] [ Exploits ]

World Laboratory of Bugtraq 2 [2013-06-19]

[ Bogus ] [ Tricks ]

	Joomla 1.5.26, 2.5.11, 3.1.1 crypto vulnerability		19.06.2013	Marco Beierer
	Solaris 10 patch cluster File clobbering vulnerability		19.06.2013	Larry W. Cashdol...
	MoinMoin twikidraw Action Traversal File Upload		19.06.2013	Unknown
	gnome-shell crash, screen unlock on resume		19.06.2013	Florian Weimer
	DDoS attacks via other sites execution tool		19.06.2013	MustLive
	Apache Santuario XML Security for C++ contains heap overflow		18.06.2013	James Forshaw
	Apache Santuario XML Security for C++ DoS & hash length bypass		18.06.2013	James Forshaw
	Apache Santuario XML Security for C++ contains a stack overflow during XPointer		18.06.2013	James Forshaw
	Apache Santuario XML Security for C++ contains an XML Signature Bypass		18.06.2013	James Forshaw
	sharetronix xss signup		18.06.2013	Ashiyane Digital...
	haproxy DoS when using header occurrences relative to the tail		18.06.2013	David Torgerson
	Apple and Wifi Hotspot Credentials Management Vulnerability		18.06.2013	Jeffrey Walton
	Simple File Manager 024 Login Bypass		18.06.2013	Chako
	Hostinger Web Hosting Cross Site Scripting		18.06.2013	Juan Carlos Garc...
	Fly-High CMS 2012-07-08 Shell Upload		18.06.2013	CWH Underground
	Bloofox CMS 0.5.0 Shell Upload		18.06.2013	CWH Underground

[ CVE Products ]

CVEMAP.ORG [2013-06-19]

[ CVE Vendors ]

Medium Risk

[ CVE-2013-1203 ]
Asa cx context-aware security ...

Cisco ASA CX Context-Aware Security Software allows remote attackers to cause a denial of service (device reload) via crafted TCP packets that appear to have been forwarded by a Cisco Adaptive Security Appliances (ASA) device, aka Bug ID CSCue88386.

Medium Risk

[ CVE-2013-4616 ]
Iphone os

The WifiPasswordController generateDefaultPassword method in Preferences in Apple iOS 6 and earlier relies on the UITextChecker suggestWordInLanguage method for selection of Wi-Fi hotspot WPA2 PSK passphrases, which makes it easier for remote attacke...

Low Risk

[ CVE-2012-6564 ]
Redcap

Cross-site scripting (XSS) vulnerability in REDCap before 4.14.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Low Risk

[ CVE-2012-6565 ]
Redcap

Cross-site scripting (XSS) vulnerability in REDCap before 4.14.3 allows remote authenticated users to inject arbitrary web script or HTML via uppercase characters in JavaScript events within user-defined labels.

Low Risk

[ CVE-2012-6566 ]
Redcap

Cross-site scripting (XSS) vulnerability in REDCap before 4.14.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Medium Risk

[ CVE-2012-6567 ]
Redcap

REDCap before 4.14.0 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the logic of a custom rule.

Medium Risk

[ CVE-2013-1093 ]
Zenworks configuration managem...

Open redirect vulnerability in the fwdToURL function in the ZCC login page in zcc-framework.jar in Novell ZENworks Configuration Management (ZCM) 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to redirect users to arbitrary web sites an...

Low Risk

[ CVE-2013-1094 ]
Zenworks configuration managem...

Cross-site scripting (XSS) vulnerability in a ZCC page in zenworks-core in Novell ZENworks Configuration Management (ZCM) 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to inject arbitrary web script or HTML via an invalid locale.

CVE related WLB2

	CVE-2012-6081		MoinMoin twikidraw Action Traversal File Upload		19.06.2013	Unknown
	CVE-2013-2190		gnome-shell crash, screen unlock on resume		19.06.2013	Florian Weimer
	CVE-2013-2156		Apache Santuario XML Security for C++ contains heap ove...		18.06.2013	James Forshaw
	CVE-2013-2155		Apache Santuario XML Security for C++ DoS & hash le...		18.06.2013	James Forshaw
	CVE-2013-2154		Apache Santuario XML Security for C++ contains a stack ...		18.06.2013	James Forshaw
	CVE-2013-2153		Apache Santuario XML Security for C++ contains an XML S...		18.06.2013	James Forshaw
	CVE-2013-2175		haproxy DoS when using header occurrences relative to t...		18.06.2013	David Torgerson
	CVE-2006-0720		Winamp 5.12 .m3u stack based buffer overflow		17.06.2013	superkojiman

CWE related WLB2

	CWE-79		sharetronix xss signup		18.06.2013	Ashiyane Digital...
	CWE-79		Hostinger Web Hosting Cross Site Scripting		18.06.2013	Juan Carlos Garc...
	CWE-264		Fly-High CMS 2012-07-08 Shell Upload		18.06.2013	CWH Underground
	CWE-264		Bloofox CMS 0.5.0 Shell Upload		18.06.2013	CWH Underground
	CWE-264		Havalite CMS 1.1.7 Shell Upload		18.06.2013	CWH Underground
	CWE-601		MozTrap Open Redirect		18.06.2013	Junaid Hussain

Random Dorks

	Joomla com_extplorer Components shell upload Vulnerability		16.06.2013	Am!r
	WordPress wp-FileManager File Download		16.05.2013	ByEge
	Ajax Availability Calendar 3.X.X Multiple Vulnerabilties		12.05.2013	AtT4CKxT3rR0r1ST
	Joomla Component com_shohada Local File Inclusion		12.05.2013	AtT4CKxT3rR0r1ST

Copyright 2013, cxsecurity.com