CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

Exploit DB•added 2010/05/26 12:0 a.m.•32 views

Worldweaver DX Studio Player 3.0.29 - 'shell.execute()' Command Execution (Metasploit)

$Id: dxstudioplayerexec.rb 9375 2010-05-26 22:39:56Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

9.3CVSS6.6AI score0.40176EPSS

Exploits10

NVD•added 2009/06/16 9:0 p.m.•20 views

CVE-2009-2011

Worldweaver DX Studio Player 3.0.29.0, 3.0.22.0, 3.0.12.0, and probably other versions before 3.0.29.1, when used as a plug-in for Firefox, does not restrict access to the shell.execute JavaScript API method, which allows remote attackers to execute arbitrary commands via a .dxstudio file that...

9.3CVSS7.4AI score0.40176EPSS

Exploits10References8

CVE•added 2009/06/16 8:26 p.m.•49 views

CVE-2009-2011

Summary (CVE-2009-2011) Worldweaver DX Studio Player plugin for Firefox (and related IE/Firefox contexts) is vulnerable to remote command execution via the shell.execute JavaScript API method. The issue affects DX Studio Player versions including 3.0.29.0, 3.0.22.0, 3.0.12.0 and likely other vers...

9.3CVSS7.5AI score0.40176EPSS

Exploits10References8Affected Software1

securityvulns•added 2009/06/14 12:0 a.m.•64 views

CORE-2009-0521 - DX Studio Player Firefox plug-in command injection

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ DX Studio Player Firefox plug-in command injection 1. Advisory Information Title: DX Studio Player Firefox plug-in command injection Advisory ID: CORE-2009-0521...

9.3CVSS7.2AI score0.40176EPSS

Exploits10

seebug.org•added 2009/06/11 12:0 a.m.•46 views

DX Studio Player < 3.0.29.1 Firefox plug-in Command Injection Vuln

No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ DX Studio Player Firefox plug-in command injection 1. Advisory Information Title: DX Studio Player Firefox plug-in command injectio...

9.3CVSS0.1AI score0.40176EPSS

Exploits10

Packet Storm•added 2009/06/10 12:0 a.m.•50 views

Core Security Technologies Advisory 2009.0521

9.3CVSS0.6AI score0.40176EPSS

Exploits10

exploitpack•added 2009/06/10 12:0 a.m.•50 views

Worldweaver DX Studio Player 3.0.29.1 Firefox plugin - Command Injection

Worldweaver DX Studio Player 3.0.29.1 Firefox plugin - Command Injection -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ DX Studio Player Firefox plug-in command injection 1. Advisory Information Title: DX Studio...

9.3CVSS0.4AI score0.40176EPSS

Exploits10

Circl•added 2009/06/10 12:0 a.m.•8 views

CVE-2009-2011

creationtimestamp| type| source ---|---|--- 2009-06-10 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/8922 2010-05-26 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/16515 2018-05-29 15:50:33+00:00| seen|...

9.3CVSS5.7AI score0.40176EPSS

Exploits10References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by