907 matches found

seebug.org
added 2014/07/01 12:0 a.m., 26 views

ColdFusion 8.0.1 - Arbitrary File Upload and Execute

No description provided by source. $Id: coldfusionfckeditor.rb 11127 2010-11-24 19:35:38Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and term...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 45 views

The Matt Wright guestbook.pl <= 2.3.1 - Server Side Include Vulnerability

No description provided by source. $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 66 views

DLink DIR-645 / DIR-815 diagnostic.php Command Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 11 views

Microsoft IIS WebDAV Write Access Code Execution

No description provided by source. $Id: iiswebdavuploadasp.rb 10397 2010-09-20 15:59:46Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 16 views

Family Connections less.php Remote Command Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 8 views

Oracle Secure Backup Authentication Bypass/Command Injection Vulnerability

No description provided by source. $Id: osbunamejlist.rb 13591 2011-08-19 18:35:29Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 13 views

Avaya IP Office Customer Call Reporter ImageUpload.ashx Remote Command Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'uri' require 'msf/core' class...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 20 views

Foreman (Red Hat OpenStack/Satellite) bookmarks/create Code Injection

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit4...

7.1 AI score
Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 23 views

Fitnesse Wiki Remote Command Execution Vulnerability

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = GoodRanking include Msf::Exploit::Remote::HttpClient def initializeinfo...

7.5 CVSS, 0.06575 EPSS
Exploits: 9

Packet Storm
added 2014/06/16 12:0 a.m., 22 views

Easy File Management Web Server Stack Buffer Overflow

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Easy File Management Web Server Stack Buffer Overflow', 'Description' = %q Easy File Management Web Server v4.0 and v5.3 contains a...

0.2 AI score
Exploits: 0

Tenable Nessus
added 2014/06/13 12:0 a.m., 38 views

openSUSE Security Update : jakarta-commons-httpclient (openSUSE-SU-2013:0622-1)

jakarta-commons-httpclient was updated to enhance the fix of bnc803332 / CVE-2012-5783 - also check for subjectAltNames in the certificate. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

5.8 CVSS, 6.8 AI score, 0.00616 EPSS
Exploits: 0, References: 3

Metasploit
added 2014/06/11 5:8 a.m., 14 views

Chromecast YouTube Remote Control

This module acts as a simple remote control for Chromecast YouTube. Only the deprecated DIAL protocol is supported by this module. Casting via the newer CASTV2 protocol is unsupported at this time. This module requires Metasploit: https://metasploit.com/download Current source:...

Exploits: 0

Metasploit
added 2014/04/02 8:4 p.m., 38 views

HTTP Header Detection

This module shows HTTP Headers returned by the scanned systems. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HTTP Header Detection', 'Description' = %q This module shows HTTP Headers returne...

7.3 AI score
Exploits: 0

0day.today
added 2014/03/29 12:0 a.m., 35 views

SePortal 2.5 SQL Injection / Remote Code Execution Exploit

This Metasploit module exploits a vulnerability found in SePortal version 2.5. When logging in as any non-admin user, it's possible to retrieve the admin session from the database through SQL injection. The SQL injection vulnerability exists in the "staticpages.php" page. This hash can be used to...

7.5 CVSS, 0.2 AI score, 0.55521 EPSS
Exploits: 5

seebug.org
added 2014/03/05 12:0 a.m., 44 views

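MantisBT 'adm_config_report.php' SQL Injection Vulnerability

Bugtraq ID: 65903 CVE ID: CVE-2014-2238 MantisBT is a popular web-based bug tracking system. MantisBT 'admconfigreport.php' does not properly filter user-submitted POST parameter data, allowing remote attackers to exploit the vulnerability by submitting specially crafted SQL queries to manipulate or retrieve database data. 0 MantisBT 1.2.16 No detailed solution is currently available: http://www.mantisbt.org This file is part of the Metasploit Framework and may be subject to redistribution and...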

6.5 CVSS, 6.5 AI score, 0.45353 EPSS
Exploits: 8

Packet Storm
added 2014/02/15 12:0 a.m., 19 views

Dexter (CasinoLoader) SQL Injection

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "Dexter CasinoLoader SQL Injection", 'Description' = %q This module exploits a vulnerability found in the command and control panel us...

0.3 AI score
Exploits: 0

Metasploit
added 2014/02/03 3:30 p.m., 32 views

DoliWamp 'jqueryFileTree.php' Traversal Gather Credentials

This module will extract user credentials from DoliWamp - a WAMP packaged installer distribution for Dolibarr ERP on Windows - versions 3.3.0 to 3.4.2 by hijacking a user's session. DoliWamp stores session tokens in filenames in the 'tmp' directory. A directory traversal vulnerability in...

0.4 AI score
Exploits: 0

Metasploit
added 2013/12/19 11:48 p.m., 24 views

HP SiteScope issueSiebelCmd Remote Code Execution

This module exploits a code execution flaw in HP SiteScope. The vulnerability exists in the APISiteScopeImpl web service, specifically in the issueSiebelCmd method, which allows the user to execute arbitrary commands without authentication. This module has been tested successfully on HP SiteScope...

7.5 CVSS, 8.1 AI score, 0.78003 EPSS
Exploits: 5

RedHat Linux
added 2013/12/17 6:30 p.m., 1 views

jakarta-commons-httpclient: missing connection hostname check against X.509 certificate name

It was found that Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service FPS merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows...

5.8 CVSS, 7.2 AI score, 0.00616 EPSS
Exploits: 0, References: 4

0day.today
added 2013/10/31 12:0 a.m., 31 views

OpenMediaVault Cron Remote Command Execution Vulnerability

OpenMediaVault allows an authenticated user to create cron jobs as arbitrary users on the system. An attacker can abuse this to run arbitrary commands as any user available on the system including root. This module requires Metasploit: http//metasploit.com/download Current source:...

9 CVSS, 1.3 AI score, 0.7891 EPSS
Exploits: 8