http://cxsecurity.com/wlb/ The Exploit Database - World Laboratory of Bugtraq 2 CXSecurity.com en-US Sat, 19 May 2012 00:34:20 +0200 CXSecurity http://cxsecurity.com/wlb/rss/exploit/ http://cxsecurity.com/images/wlb/wlblogo.png The Exploit Database - World Laboratory of Bugtraq 2 (WLB2) http://cxsecurity.com/issue/WLB-2012050121 WLB-2012050121 Wed, 16 May 2012 19:11:48 +0200 Gjoko 'LiquidWorm' Krstic Topic: Artiphp CMS 5.5.0 DB Backup Disclosure Exploit Risk: High Text:<?php /* Artiphp CMS 5.5.0 Database Backup Disclosure Exploit Vendor: Artiphp Product web page: http://www.artiphp.... http://cxsecurity.com/issue/WLB-2012050115 WLB-2012050115 Wed, 16 May 2012 07:46:23 +0200 Ahmed Elhady Mohamed Topic: Multimedia Builder 4.9.8 Denial Of Service Risk: Medium Text:Multimedia Builder 4.9.8 Malicious mef File Denial of service == # Exploit Title:Multimedia Builde... http://cxsecurity.com/issue/WLB-2012050108 WLB-2012050108 Tue, 15 May 2012 07:21:44 +0200 regenrecht Topic: Firefox 8/9 AttributeChildRemoved() Use-After-Free Risk: Medium Text:## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please... http://cxsecurity.com/issue/WLB-2012050105 WLB-2012050105 Tue, 15 May 2012 07:17:06 +0200 demonalex Topic: Universal Reader 1.16.740.0 Denial Of Service Risk: Medium Text:Title: Universal Reader Filename Denial Of Service Vulnerability Software : Universal Reader Software Version : 1.16.740.0 ... http://cxsecurity.com/issue/WLB-2012050089 WLB-2012050089 Sat, 12 May 2012 17:36:39 +0200 sinn3r Topic: WikkaWiki 1.3.2 Spam Logging PHP Injection Risk: Low Text:## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please... http://cxsecurity.com/issue/WLB-2012050088 WLB-2012050088 Sat, 12 May 2012 17:35:55 +0200 sinn3r Topic: Distinct TFTP 3.01 Writable Directory Traversal Execution Risk: Medium Text:## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please... http://cxsecurity.com/issue/WLB-2012050068 WLB-2012050068 Wed, 09 May 2012 07:01:42 +0200 regenrecht Topic: Mozilla Firefox 7 / 8 Out-Of-Bounds Access Risk: High Text:## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please... http://cxsecurity.com/issue/WLB-2012050056 WLB-2012050056 Sun, 06 May 2012 12:25:48 +0200 condis Topic: Guitar Pro 6.1.1 r10791 (.gpx) Denial of Service Exploit Risk: Low Text:#!/usr/bin/python # # Guitar Pro 6.1.1 r10791 (.gpx) Denial of Service Exploit # found by condis # ... http://cxsecurity.com/issue/WLB-2012050054 WLB-2012050054 Sun, 06 May 2012 12:20:42 +0200 wofeiwo Topic: PHP up to 5.3.12 and 5.4.2 CGI Injection (python exploit) Risk: High Text: ## # Exploit Title: Cve-2012-1823 PHP CGI Argument Injection Exploit # Date: May 4, 2012 # Autho... http://cxsecurity.com/issue/WLB-2012050053 WLB-2012050053 Sun, 06 May 2012 12:20:39 +0200 wofeiwo Topic: PHP up to 5.3.12 and 5.4.2 CGI Injection (metasploit exploit) Risk: High Text:## # $Id$ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial re... http://cxsecurity.com/issue/WLB-2012050041 WLB-2012050041 Fri, 04 May 2012 15:00:14 +0200 sinn3r Topic: McAfee Virtual Technician MVTControl 6.3.0.1911 GetObject Vulnerability Risk: Medium Text:## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please... http://cxsecurity.com/issue/WLB-2012050040 WLB-2012050040 Fri, 04 May 2012 14:59:39 +0200 cikumel Topic: AnvSoft Any Video Converter 4.3.6 Stack Overflow Risk: Medium Text:#!/usr/bin/python # # Exploit Title: AnvSoft Any Video Converter 4.3.6 Stack Overflow # Author: cikumel (@mhx_x) and y0k (@r... http://cxsecurity.com/issue/WLB-2012050039 WLB-2012050039 Fri, 04 May 2012 14:58:29 +0200 sinn3r Topic: VLC MMS Stream Handling Buffer Overflow Risk: High Text:## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please... http://cxsecurity.com/issue/WLB-2012050038 WLB-2012050038 Fri, 04 May 2012 14:58:04 +0200 Topic: Tor Proxy Bypass via Firefox Risk: Medium Text:https://blog.torproject.org/blog/firefox-security-bug-proxy-bypass-current-tbbs "A user has discovered a severe security bug... http://cxsecurity.com/issue/WLB-2012050030 WLB-2012050030 Thu, 03 May 2012 12:43:43 +0200 Egidio Romano aka EgiX Topic: OpenConf 4.11 Blind SQL Injection Risk: Medium Text:<?php /* OpenConf <= 4.11 (author/edit.php) Remote Blind SQL Injection Exploit ... http://cxsecurity.com/issue/WLB-2012050017 WLB-2012050017 Wed, 02 May 2012 05:55:19 +0200 Blake Topic: Samsung NET-i Viewer Active-X SEH Overwrite Risk: High Text:<html> <object classid='clsid:FA6E2EA9-D816-4F00-940B-609C9E8847A4' id='target' ></object> <script language='vbscript'> ' Ex... http://cxsecurity.com/issue/WLB-2012050016 WLB-2012050016 Wed, 02 May 2012 05:54:49 +0200 PoURaN Topic: Mikrotik Router Denial Of Service Risk: Medium Text:#!/usr/bin/python # Exploit Title: Mikrotik Router Remote Denial Of Service attack # Date: 19/4/2012 # Author... http://cxsecurity.com/issue/WLB-2012050008 WLB-2012050008 Wed, 02 May 2012 05:50:00 +0200 muts Topic: Solarwinds Storage Manager 5.1.0 SQL Injection Risk: Medium Text:#!/usr/bin/python ## # Exploit Title: Solarwinds Storage Manager 5.1.0 Remote SYSTEM SQL Injectio... http://cxsecurity.com/issue/WLB-2012050006 WLB-2012050006 Tue, 01 May 2012 00:49:10 +0200 EgiX Topic: WebCalendar 1.2.4 Remote Code Execution (PHP Exploit) Risk: High Text:<?php /* -- WebCalendar <= 1.2.4 (install/index.php) Remote Code Executionn Exploit ... http://cxsecurity.com/issue/WLB-2012050005 WLB-2012050005 Tue, 01 May 2012 00:47:55 +0200 sinn3r Topic: WebCalendar 1.2.4 Remote Code Injection (Metasploit) Risk: High Text:## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please... http://cxsecurity.com/issue/WLB-2012040247 WLB-2012040247 Mon, 30 Apr 2012 15:37:20 +0200 Senator of Pirates Topic: Nokia PC Suite Video Manager DoS Risk: Low Text: # Application : Nokia PC Suite Video Manager DoS Versions : <= 7.1.180.64 Date : Friday, April 27,2012 Auther : Senator o... http://cxsecurity.com/issue/WLB-2012040246 WLB-2012040246 Mon, 30 Apr 2012 15:33:10 +0200 Saint Patrick Topic: Remote-Anything Player 5.60.15 PoC Risk: Medium Text:#!python # Title: Remote-Anything Player 5.60.15 PoC # Author: Saint Patrick <saintpatrick@l1pht.com> # Date: 4/25/2012 ... http://cxsecurity.com/issue/WLB-2012040217 WLB-2012040217 Thu, 26 Apr 2012 05:34:01 +0200 juan vazquez and sinn3r Topic: Microsoft MSCOMCTL ActiveX Buffer Overflow (MS12-027) Risk: High Text:## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please... http://cxsecurity.com/issue/WLB-2012040214 WLB-2012040214 Thu, 26 Apr 2012 05:31:07 +0200 AlpHaNiX Topic: Shadow Stream Recorder 3.0.1.7 Buffer Overflow Risk: High Text:## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please... http://cxsecurity.com/issue/WLB-2012040205 WLB-2012040205 Wed, 25 Apr 2012 08:07:48 +0200 JC CREW Topic: RuggedCom Device Undocumented Backdoor Risk: High Text:Title: Undocumented Backdoor Access to RuggedCom Devices Author: jc Organization: JC CREW Date: Apr... http://cxsecurity.com/issue/WLB-2012040178 WLB-2012040178 Sat, 21 Apr 2012 09:53:49 +0200 Lukas Kupczyk Topic: Owncloud Account Overtake / File Upload Code Execution Risk: High Text:## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please... http://cxsecurity.com/issue/WLB-2012040164 WLB-2012040164 Fri, 20 Apr 2012 11:30:26 +0200 Abhishek Lyall Topic: Office 2008(MAC) SP0 RTF Pfragments MAC Exploit Risk: Medium Text:#RTF Pfragments exploit for MAC office 2008 #Author Abhishek Lyall - abhilyall[at]gmail[dot]com, info[at]aslitsecurity[dot]com... http://cxsecurity.com/issue/WLB-2012040161 WLB-2012040161 Fri, 20 Apr 2012 11:28:20 +0200 b0telh0 Topic: xRadio 0.95b Buffer Overflow Risk: High Text:## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please... http://cxsecurity.com/issue/WLB-2012040160 WLB-2012040160 Fri, 20 Apr 2012 11:28:00 +0200 Datacut Topic: TFTP Server for Windows 1.4 ST WRQ Buffer Overflow Risk: High Text:## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please... http://cxsecurity.com/issue/WLB-2012040159 WLB-2012040159 Fri, 20 Apr 2012 11:27:03 +0200 0a29406d9794e4f9b30b3c5d6702c708 Topic: Adobe Flash Player ActionScript Launch Command Execution Risk: High Text:## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please... http://cxsecurity.com/issue/WLB-2012040158 WLB-2012040158 Fri, 20 Apr 2012 11:26:11 +0200 Senator of Pirates Topic: VLC 2.0.1 Division By Zero Risk: Low Text: # Application : VLC 2.0.1 division by zero vulnerability Versions : 2.0.1 Date : 19/04/2012 Auther : Senator of Pirat... http://cxsecurity.com/issue/WLB-2012040146 WLB-2012040146 Thu, 19 Apr 2012 10:17:55 +0200 Khashayar Fereidani Topic: DocuWiki 2012/01/25 Cross Site Request Forgery / Cross Site Scripting Risk: Low Text: ## DokuWiki Ver.2012/01/25 ( Latest Version ) CSRF Add User Exploit #... http://cxsecurity.com/issue/WLB-2012040145 WLB-2012040145 Thu, 19 Apr 2012 10:17:05 +0200 Ruben Alejandro Topic: GSM SIM Editor 5.15 Buffer Overflow Risk: High Text:## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please... http://cxsecurity.com/issue/WLB-2012040144 WLB-2012040144 Thu, 19 Apr 2012 10:16:45 +0200 modpr0be Topic: CyberLink Power2Go Stack Buffer Overflow Risk: High Text:## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please... http://cxsecurity.com/issue/WLB-2012040137 WLB-2012040137 Tue, 17 Apr 2012 07:35:58 +0200 sinn3r Topic: V-CMS <1.1 PHP File Upload And Execute Risk: High Text:## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please... http://cxsecurity.com/issue/WLB-2012040117 WLB-2012040117 Sun, 15 Apr 2012 12:37:16 +0200 rgod Topic: Quest InTrust Annotation Objects Uninitialized Pointer Risk: High Text: # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please ... http://cxsecurity.com/issue/WLB-2012040112 WLB-2012040112 Fri, 13 Apr 2012 07:47:55 +0200 Vulnerability-Lab Topic: Crystal Office Suite 1.43 Buffer Overflow Risk: High Text:Title: Crystal Office Suite v1.43 - Buffer Overflow Vulnerability Date: == 2012-04-12 References: == htt... http://cxsecurity.com/issue/WLB-2012040102 WLB-2012040102 Thu, 12 Apr 2012 12:14:10 +0200 The UnKn0wN Topic: Koprana CMS Shell Upload Risk: High Text:<?php //NOTE : - If you are using BHR put this file in \exploits\webapp folder // - BHR Download link => http://www.med... http://cxsecurity.com/issue/WLB-2012040101 WLB-2012040101 Thu, 12 Apr 2012 12:13:50 +0200 The UnKn0wN Topic: Koprana CMS SQL Injection Risk: Medium Text:<?php //NOTE : - If you are using BHR put this file in \exploits\webapp folder // - BHR Download link => http://www.med... http://cxsecurity.com/issue/WLB-2012040100 WLB-2012040100 Thu, 12 Apr 2012 12:11:44 +0200 InfoSec Topic: Backtrack 5 R2 wicd Privilege Escalation Risk: Medium Text:#!/usr/bin/python #wicd 0day exploit discovered on 4.9.12 by InfoSec Institute student #For full write up and description go ...