907 matches found

Packet Storm
added 2024/09/01 12:0 a.m., 147 views

HTTP Blind XPATH 1.0 Injector

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HTTP Blind XPATH 1.0 Injector', 'Description' = %q This module exploits blind XPATH 1.0 injections over HTTP GET requests. , 'Author' = 'et at...

AI score: 7.4
Exploits: 0

Packet Storm
added 2024/09/01 12:0 a.m., 176 views

Cisco Ironport Bruteforce Login Utility

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco Ironport Bruteforce Login Utility', 'Description' = % This module scans for Cisco Ironport SMA, WSA and ESA web login portals, finds AsyncO...

AI score: 7.4
Exploits: 0

Packet Storm
added 2024/08/31 12:0 a.m., 194 views

D-Link DSL 320B Password Extractor

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'D-Link DSL 320B Password Extractor', 'Description' = %q This module exploits an authentication bypass vulnerability in D-Link DSL 320B 'EDB',...

AI score: 7.4
Exploits: 0

Packet Storm
added 2024/08/31 12:0 a.m., 160 views

Novell EDirectory EMBox Unauthenticated File Access

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Novell eDirectory eMBox Unauthenticated File Access', 'Description' = %q This module will access Novell eDirectory's eMBox service and can run th...

CVSS: 7.5, AI score: 7, EPSS: 0.72283
Exploits: 3

Packet Storm
added 2024/08/31 12:0 a.m., 136 views

VMWare Enumerate User Accounts

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMWare Enumerate User Accounts', 'Description' = %Q This module will log into the Web API of VMWare and try to enumerate all the user accounts. I...

AI score: 7.4
Exploits: 0

Packet Storm
added 2024/08/31 12:0 a.m., 215 views

MinIO Bootstrap Verify Information Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MinIO Bootstrap Verify Information Disclosure', 'Description' = %q MinIO is a Multi-Cloud Object Storage framework. In a cluster deployment...

CVSS: 7.5, AI score: 7.3, EPSS: 0.94061
Exploits: 13

Packet Storm
added 2024/08/31 12:0 a.m., 155 views

TrendMicro OfficeScanNT Listener Traversal Arbitrary File Access

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TrendMicro OfficeScanNT Listener Traversal Arbitrary File Access', 'Description' = %q This module tests for directory traversal vulnerability in...

CVSS: 5, AI score: 7, EPSS: 0.44618
Exploits: 2

Packet Storm
added 2024/08/31 12:0 a.m., 181 views

Apple TV Video Remote Control

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'uri' class MetasploitModule 'Apple TV Video Remote Control', 'Description' = %q This module plays a video on an AppleTV device. Note that AppleTV can be somewha...

AI score: 7.4
Exploits: 0

Packet Storm
added 2024/08/31 12:0 a.m., 186 views

Oracle XML DB SID Discovery Via Brute Force

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle XML DB SID Discovery via Brute Force', 'Description' = %q This module attempts to retrieve the sid from the Oracle XML DB httpd server,...

AI score: 7.4
Exploits: 0

Packet Storm
added 2024/08/31 12:0 a.m., 129 views

F5 BIG-IP Backend Cookie Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'F5 BIG-IP Backend Cookie Disclosure', 'Description' = %q This module identifies F5 BIG-IP load balancers and leaks backend information pool name,...

AI score: 7.4
Exploits: 0

Metasploit
added 2024/08/28 6:52 p.m., 759 views

pgAdmin Binary Path API RCE

pgAdmin use exploit/windows/http/pgadminbinarypathapi msf exploitpgadminbinarypathapi show targets ...targets... msf exploitpgadminbinarypathapi set TARGET msf exploitpgadminbinarypathapi show options ...show and set options... msf exploitpgadminbinarypathapi exploit This module requires...

CVSS: 9.8, AI score: 8.3, EPSS: 0.90682
Exploits: 5

IBM Security Bulletins
added 2024/08/22 10:51 a.m., 44 views

Security Bulletin: Multiple Vulnerabilities in IBM Application Performance Management

Summary Multiple vulnerabilities were addressed in IBM Application Performance Management 8.1.4.0 IF16 patch Vulnerability Details CVEID:CVE-2023-32342 DESCRIPTION: IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption...

CVSS: 7.5, AI score: 10, EPSS: 0.04395
Exploits: 2, Affected Software: 1

0day.today
added 2024/07/31 12:0 a.m., 274 views

OpenMediaVault rpc.php Authenticated Cron Remote Code Execution Exploit

OpenMediaVault allows an authenticated user to create cron jobs as root on the system. An attacker can abuse this by sending a POST request via rpc.php to schedule and execute a cron entry that runs arbitrary commands as root on the system. All OpenMediaVault versions including the latest release...

CVSS: 8.8, AI score: 8.9, EPSS: 0.7891
Exploits: 8

Veracode
added 2024/07/21 4:40 p.m., 25 views

Memory Leak

org.apache.cxf: cxf-rt-transports-http is vulnerable to a Memory Leak. The vulnerability is caused due to the lack of proper shutdown handling for HTTPClient instances, which may lead to continuous memory consumption increase and eventually cause the application to run out of memory, resulting in...

CVSS: 7.5, AI score: 6.8, EPSS: 0.01187
Exploits: 0, References: 6, Affected Software: 1

Metasploit
added 2024/07/18 7:53 p.m., 399 views

Magento XXE Unserialize Arbitrary File Read

This module exploits a XXE vulnerability in Magento 2.4.7-p1 and below which allows an attacker to read any file on the system. Module Options msf use auxiliary/gather/magentoxxecve202434102 msf auxiliarymagentoxxecve202434102 show actions ...actions... msf auxiliarymagentoxxecve202434102 set...

CVSS: 9.8, AI score: 6.9, EPSS: 0.94171
Exploits: 26

IBM Security Bulletins
added 2024/07/12 9:47 a.m., 32 views

Security Bulletin: IBM QRadar SIEM protocols are vulnerable to Security Restriction Bypass (CVE-2020-13956)

Summary Apache HttpClient is vulnerable to Security Restriction Bypass. Attackers can potentially break security and potentially steal sensitive information. This has been addressed with an update. Vulnerability Details CVEID:CVE-2020-13956 DESCRIPTION: Apache HttpClient could allow a remote...

CVSS: 5.3, AI score: 6.5, EPSS: 0.00505
Exploits: 1, Affected Software: 1

Metasploit
added 2024/06/17 7:55 p.m., 435 views

Apache OFBiz forgotPassword/ProgramExport RCE

Apache OFBiz versions prior to 18.12.13 are vulnerable to a path traversal vulnerability CVE-2024-32113. The vulnerable endpoint /webtools/control/forgotPassword allows an attacker to access the ProgramExport endpoint which in turn allows for remote code execution in the context of the user runni...

CVSS: 9.8, AI score: 9.7, EPSS: 0.94375
Exploits: 14

OSV
added 2024/06/15 12:0 a.m., 14 views

OPENSUSE-SU-2024:10621-1 apache-commons-httpclient-3.1-13.4 on GA media

These are all security issues fixed in the apache-commons-httpclient-3.1-13.4 package on the GA media of openSUSE Tumbleweed...

CVSS: 5.8, AI score: 6.4, EPSS: 0.01368
Exploits: 1, References: 2

OSV
added 2024/06/15 12:0 a.m., 13 views

OPENSUSE-SU-2024:10381-1 apache-commons-httpclient-3.1-8.5 on GA media

These are all security issues fixed in the apache-commons-httpclient-3.1-8.5 package on the GA media of openSUSE Tumbleweed...

CVSS: 5.8, AI score: 7.2, EPSS: 0.00616
Exploits: 0, References: 1

IBM Security Bulletins
added 2024/06/07 6:1 a.m., 35 views

Security Bulletin: Security fixes available for The IBM® Engineering System Design Rhapsody products on IBM Jazz Technology

Summary The IBM® Engineering System Design Rhapsody 10.0 iFix001, The IBM® Engineering System Design Rhapsody 9.0.2 iFix002 and The IBM® Engineering System Design Rhapsody 9.0.1 iFix006 contain fixes for vulnerabilities identified in the Vulnerabilities Details section. The referred iFix versio...

CVSS: 5.8, AI score: 7.9, EPSS: 0.9026
Exploits: 4, Affected Software: 1