907 matches found
Important: Red Hat Security Advisory: Red Hat JBoss Fuse/A-MQ 6.3 R2 security and bug fix update
An update is now available for Red Hat JBoss Fuse and Red Hat JBoss A-MQ. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
Nuxeo Platform 6.x / 7.x Shell Upload
Description Nuxeo Platform is a content management system for enterprises CMS. It embeds an Apache Tomcat server, and can be managed through a web interface. One of its features allows authenticated users to import files to the platform. By crafting the upload request with a specific X-File-Name...
Ruby on Rails 4.0.x / 4.1.x / 4.2.x (Web Console v2) - Whitelist Bypass Code Execution Exploit
Exploit for multiple platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Ruby on Rails Web Console v2 Whitelist Bypass Code Execution',...
dnaLIMS Admin Module Command Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'dnaLIMS Admin Module Command Execution', 'Description' = %q This module utilizes an administrative module which allows for...
Kodi 17.0 Local File Inclusion Exploit
Usage Info msf use auxiliary/scanner/http/koditraversal msf auxiliarykoditraversal show actions ...actions... msf auxiliarykoditraversal set ACTION msf auxiliarykoditraversal show options ...show and set options... msf auxiliarykoditraversal run This module requires Metasploit:...
Netgear R7000 / R6400 cgi-bin Command Injection
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "Netgear R7000 and R6400 cgi-bin Command Injection", 'Description' = %q This module exploits an arbitrary command injection...
Netgear R7000 / R6400 cgi-bin Command Injection Exploit
This Metasploit module exploits an arbitrary command injection vulnerability in Netgear R7000 and R6400 router firmware version 1.0.7.21.1.93 and possibly earlier. This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework requir...
dnaLIMS Admin Module Command Execution
This module utilizes an administrative module which allows for command execution. This page is completely unprotected from any authentication when given a POST request. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework...
DokuWiki SSRF Security Bypass Vulnerability(CVE-2016-7964 )
I found a ssrf vulnerability in dokuwiki. The sendRequest method in HTTPClient ClassIn file: /inc/HTTPClient.php has no restrict to access private network, such as, 10.0.0.1/8, 172.16.0.0/12, 192.168.0.0/16. This allows user to scan port of internal network. For example, 1. edit any page in...
Kodi 17.0 Local File Inclusion Vulnerability
This module exploits a directory traversal flaw found in Kodi before 17.1. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kodi 17.0 Local File Inclusion Vulnerability', 'Description' = %q This...
Netgear R7000 and R6400 cgi-bin Command Injection
This module exploits an arbitrary command injection vulnerability in Netgear R7000 and R6400 router firmware version 1.0.7.21.1.93 and possibly earlier. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...
Geutebruck 5.02024 G-Cam/EFD-2250 - Remote Command Execution Exploit
Exploit for hardware platform in category web applications This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Geutebruck testaction.cgi Remote Command Execution', 'Description' = %q...
AlienVault OSSIM/USM < 5.3.1 - Remote Code Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "AlienVault OSSIM/USM Remote Code Execution", 'Description' = %q This module exploits object injection, authentication bypass an...
HP Helion Eucalyptus Multiple Vulnerabilities
HP Helion Eucalyptus is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:eucalyptus:eucalyptus"...
Chromecast Wifi Enumeration
This module enumerates wireless access points through Chromecast. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Chromecast Wifi Enumeration', 'Description' = %q This module enumerates wireles...
PowerShellEmpire Arbitrary File Upload (Skywalker) Exploit
A vulnerability existed in the PowerShellEmpire server prior to commit f030cf62 which would allow an arbitrary file to be written to an attacker controlled location with the permissions of the Empire server. This exploit will write the payload to /tmp/ directory followed by a cron.d file to execu...
PowerShellEmpire Arbitrary File Upload (Skywalker)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'PowerShellEmpire Arbitrary File Upload Skywalker', 'Description' = %q A vulnerability existed in the PowerShellEmpire server...
Design/Logic Flaw
The sendRequest method in HTTPClient Class in file /inc/HTTPClient.php in DokuWiki 2016-06-26a and older, when media file fetching is enabled, has no way to restrict access to private networks. This allows users to scan ports of internal networks via SSRF, such as 10.0.0.1/8, 172.16.0.0/12, and...
CVE-2016-7964
The sendRequest method in HTTPClient Class in file /inc/HTTPClient.php in DokuWiki 2016-06-26a and older, when media file fetching is enabled, has no way to restrict access to private networks. This allows users to scan ports of internal networks via SSRF, such as 10.0.0.1/8, 172.16.0.0/12, and...
DEBIAN-CVE-2016-7964
The sendRequest method in HTTPClient Class in file /inc/HTTPClient.php in DokuWiki 2016-06-26a and older, when media file fetching is enabled, has no way to restrict access to private networks. This allows users to scan ports of internal networks via SSRF, such as 10.0.0.1/8, 172.16.0.0/12, and...