1620 matches found
phpMyAdmin 4.x Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'phpMyAdmin Authenticated Remote Code Execution', 'Description' = %q phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before...
CVE-2017-16129
The HTTP client module superagent is vulnerable to ZIP bomb attacks. In a ZIP bomb attack, the HTTP server replies with a compressed response that becomes several magnitudes larger once uncompressed. If a client does not take special care when processing such responses, it may result in excessive...
CVE-2017-16129
The HTTP client module superagent is vulnerable to ZIP bomb attacks. In a ZIP bomb attack, the HTTP server replies with a compressed response that becomes several magnitudes larger once uncompressed. If a client does not take special care when processing such responses, it may result in excessive...
DEBIAN-CVE-2017-16129
The HTTP client module superagent is vulnerable to ZIP bomb attacks. In a ZIP bomb attack, the HTTP server replies with a compressed response that becomes several magnitudes larger once uncompressed. If a client does not take special care when processing such responses, it may result in excessive...
Cross site request forgery (csrf)
The HTTP client module superagent is vulnerable to ZIP bomb attacks. In a ZIP bomb attack, the HTTP server replies with a compressed response that becomes several magnitudes larger once uncompressed. If a client does not take special care when processing such responses, it may result in excessive...
CVE-2017-16129
The HTTP client module superagent is vulnerable to ZIP bomb attacks. In a ZIP bomb attack, the HTTP server replies with a compressed response that becomes several magnitudes larger once uncompressed. If a client does not take special care when processing such responses, it may result in excessive...
CVE-2017-16129
The HTTP client module superagent is vulnerable to ZIP bomb attacks. In a ZIP bomb attack, the HTTP server replies with a compressed response that becomes several magnitudes larger once uncompressed. If a client does not take special care when processing such responses, it may result in excessive...
CVE-2017-16129
The HTTP client module superagent is vulnerable to ZIP bomb attacks. In a ZIP bomb attack, the HTTP server replies with a compressed response that becomes several magnitudes larger once uncompressed. If a client does not take special care when processing such responses, it may result in excessive...
CVE-2017-16026
Request is an http client. If a request is made using multipart, and the body type is a number, then the specified number of non-zero memory is passed in the body. This affects Request =2.2.6 2.51.0 =2.67.0...
Cross site request forgery (csrf)
Request is an http client. If a request is made using multipart, and the body type is a number, then the specified number of non-zero memory is passed in the body. This affects Request =2.2.6 2.51.0 =2.67.0...
CVE-2017-16026
Request is an http client. If a request is made using multipart, and the body type is a number, then the specified number of non-zero memory is passed in the body. This affects Request =2.2.6 2.51.0 =2.67.0...
CVE-2017-16026
The CVE-2017-16026 issue affects the Node.js request module: when making a multipart request and the body is a number, the specified amount of non-zero memory may be disclosed to the recipient. Affected versions are 2.2.6 through 2.47.0 and 2.51.0 through 2.67.0. Root cause is a memory exposure i...
CVE-2017-16026
Request is an http client. If a request is made using multipart, and the body type is a number, then the specified number of non-zero memory is passed in the body. This affects Request =2.2.6 2.51.0 =2.67.0...
CVE-2017-16026
Request is an http client. If a request is made using multipart, and the body type is a number, then the specified number of non-zero memory is passed in the body. This affects Request =2.2.6 2.51.0 =2.67.0...
Mantis Bug Tracker 1.1.3 - 'manage_proj_page' PHP Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Mantis manageprojpage PHP Code Execution', 'Description' = %q Mantis v1.1.3 and earlier are vulnerable to a post-authentication Remote Code...
Drupal Drupalgeddon 2 Forms API Property Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Drupal Drupalgeddon 2 Forms API Property Injection', 'Description' = %q This module exploits a Drupal property injection in the Forms API. Drupal...
osCommerce Installer Unauthenticated Code Execution
If the /install/ directory was not removed, it is possible for an unauthenticated attacker to run the "install4.php" script, which will create the configuration file for the installation. This allows the attacker to inject PHP code into the configuration file and execute it. This module requires...
ManageEngine Applications Manager 13.5 - Remote Code Execution Exploit
Exploit for java platform in category web applications This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "ManageEngine Applications Manager Remote Code Execution", 'Description' = %q This module...
GitStack Unsanitized Argument RCE
This module exploits a remote code execution vulnerability that exists in GitStack through v2.3.10, caused by an unsanitized argument being passed to an exec function call. This module has been tested on GitStack v2.3.10. This module requires Metasploit: https://metasploit.com/download Current...
GoAhead Web Server LD_PRELOAD Arbitrary Module Load
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'GoAhead Web Server LDPRELOAD Arbitrary Module Load', 'Description' = %q This module triggers an arbitrary shared library load vulnerability in...