VulnCheck KEV: CVE-2012-10064

Omni Secure Files plugin versions prior to 0.1.14 contain an arbitrary file upload vulnerability in the bundled plupload example endpoint. The /wp-content/plugins/omni-secure-files/plupload/examples/upload.php handler allows unauthenticated uploads without enforcing safe file type restrictions,...

Worldweaver DX Studio Player 3.0.29 - 'shell.execute()' Command Execution (Metasploit)

$Id: dxstudioplayerexec.rb 9375 2010-05-26 22:39:56Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Worldweaver DX Studio Player shell.execute() Command Execution

This module exploits a command execution vulnerability within the DX Studio Player from Worldweaver for versions 3.0.29 and earlier. The player is a browser plugin for IE ActiveX and Firefox dll. When an unsuspecting user visits a web page referring to a specially crafted .dxstudio document, an...

AwingSoft Winds3D Player 3.5 SceneURL Download and Execute

This module exploits an untrusted program execution vulnerability within the Winds3D Player from AwingSoft. The Winds3D Player is a browser plugin for IE ActiveX, Opera DLL and Firefox XPI. By setting the 'SceneURL' parameter to the URL to an executable, an attacker can execute arbitrary code...

Nessus Scan Information

This plugin displays, for each tested host, information about the scan itself : - The version of the plugin set. - The type of scanner Nessus or Nessus Home. - The version of the Nessus Engine. - The port scanners used. - The port range scanned. - The ping round trip time - Whether credentialed o...

SSL Certificate Expiry

This plugin checks expiry dates of certificates associated with SSL- enabled services on the target and reports whether any have already expired. TRUSTED...