Shodan Search

This module uses the Shodan API to search Shodan. Accounts are free and an API key is required to use this module. Output from the module is displayed to the screen and can be saved to a file or the MSF database. NOTE: SHODAN filters i.e. port, hostname, os, geo, city can be used in queries, but...

http-google-malware NSE Script

Checks if hosts are on Google's blacklist of suspected malware and phishing servers. These lists are constantly updated and are part of Google's Safe Browsing service. To do this the script queries the Google's Safe Browsing service and you need to have your own API key to access Google's Safe...

Improper access control

Piwik 0.2.32 and earlier stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the API key and other sensitive information via a direct request for misc/cron/archive.sh...

CVE-2009-1085

CVE-2009-1085 affects Piwik 0.2.32 and earlier. The issue is improper access control that stores sensitive information (including the API key) under the web root, enabling remote attackers to obtain it via a direct request for misc/cron/archive.sh. The connected records confirm the same descripti...

SA-2008-038 - Services - Arbitrary code execution

The Services module package was created out of a need for a standardized solution to integrate external applications with Drupal. It builds on concepts from Drupal core's XMLRPC interface, but abstracts service callbacks so that they may be used with multiple interfaces such as XMLRPC, SOAP, REST...