1622 matches found
ManageEngine Applications Manager Authenticated Code Execution
This module logs into the Manage Engine Applications Manager to upload a payload to the file system and a batch script that executes the payload. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule...
HP OpenView NNM nnmRptConfig nameParams Buffer Overflow
Exploit for windows platform in category remote exploits $Id: hpnnmnnmrptconfignameparams.rb 12085 2011-03-23 03:37:18Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more...
HP NNM CGI webappmon.exe execvp Buffer Overflow
$Id: hpnnmwebappmonexecvp.rb 12086 2011-03-23 03:38:46Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Adobe ColdFusion - Directory Traversal
$Id: coldfusiontraversal.rb 11986 2011-03-16 10:15:54Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Majordomo2 _list_file_get() Directory Traversal
This module exploits a directory traversal vulnerability present in the listfileget function of Majordomo2 help function. By default, this module will attempt to download the Majordomo config.pl file. This module requires Metasploit: https://metasploit.com/download Current source:...
SAP Management Console Version Detection
This module simply attempts to identify the version of SAP through the SAP Management Console SOAP Interface. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SAP Management Console Version...
Apache HTTPD mod_negotiation Filename Bruter
This module performs a brute force attack in order to discover existing files on a server which uses modnegotiation. If the filename is found, the IP address and the files found will be displayed. This module requires Metasploit: https://metasploit.com/download Current source:...
Fonality trixbox CE 2.6.1 - 'langChoice' Local File Inclusion (Metasploit)
$Id: trixboxlangchoice.rb 11516 2011-01-08 01:13:26Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Mitel Audio and Web Conferencing Command Injection
$Id: mitelawcexec.rb 11389 2010-12-21 19:16:18Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
HP OpenView Network Node Manager (OV NNM) - 'Snmp.exe' CGI Buffer Overflow (Metasploit)
$Id: hpnnmsnmp.rb 10998 2010-11-11 22:43:22Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
Oracle VM Server Virtual Server Agent Command Injection
$Id: oraclevmagentutl.rb 10821 2010-10-25 20:58:49Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Novell iManager getMultiPartParameters Arbitrary File Upload
$Id: novellimanagerupload.rb 10726 2010-10-18 07:05:22Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
FreeBSD : wget -- multiple HTTP client download filename vulnerability (d754b7d2-b6a7-11df-826c-e464a695cb21)
GNU Wget version 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a 3xx redirect to a URL with a .wgetrc filename followed by a 3xx redirect to a...
lftp security update
3.7.11-4.el55.3 - Related: CVE-2010-2251 - document change of xfer:clobber default value in manpage, respect xfer:clobber on with xfer:auto-rename on old behaviour 3.7.11-4.el55.2 - Related: CVE-2010-2251 - describe new option xfer:auto-rename which could restore old behaviour in manpage...
Microsoft IIS 5.0 - WebDAV 'ntdll.dll' Path Overflow (MS03-007) (Metasploit)
$Id: ms03007ntdllwebdav.rb 9929 2010-07-25 21:37:54Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
TWiki - Search Function Arbitrary Command Execution (Metasploit)
$Id: twikisearch.rb 9671 2010-07-03 06:21:31Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
LiteSpeed Source Code Disclosure/Download
This module exploits a source code disclosure/download vulnerability in versions 4.0.14 and prior of LiteSpeed. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LiteSpeed Source Code...
wget -- multiple HTTP client download filename vulnerability
GNU Wget version 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary files via a 3xx redirect to a URL with a .wgetrc filename followed by a 3xx redirect to a...
Now SMS/Mms Gateway - Remote Buffer Overflow (Metasploit)
$Id: nowsms.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ requir...
Design/Logic Flaw
The HTTP client functionality in Apple iPhone OS 3.1 on the iPhone 2G and 3.1.3 on the iPhone 3GS allows remote attackers to cause a denial of service Safari, Mail, or Springboard crash via a crafted innerHTML property of a DIV element, related to a "malformed character" issue...