STUNSHELL Web Shell Remote Code Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

JBoss DeploymentFileRepository WAR Deployment (via JMXInvokerServlet)

No description provided by source. require 'msf/core' class Metasploit4 Msf::Exploit::Remote Rank = ExcellentRanking HttpFingerprint = :pattern = /JBoss/ include Msf::Exploit::Remote::HttpClient include Msf::Exploit::EXE def initializeinfo = superupdateinfoinfo, 'Name' = 'JBoss...

Dogfood CRM spell.php Remote Command Execution

No description provided by source. $Id: dogfoodspellexec.rb 9669 2010-07-03 03:13:45Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

Microsoft IIS WebDAV Write Access Code Execution

No description provided by source. $Id: iiswebdavuploadasp.rb 10397 2010-09-20 15:59:46Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms...

Foreman (Red Hat OpenStack/Satellite) bookmarks/create Code Injection

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit4...

Avaya IP Office Customer Call Reporter ImageUpload.ashx Remote Command Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'uri' require 'msf/core' class...

Family Connections less.php Remote Command Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

Oracle Secure Backup Authentication Bypass/Command Injection Vulnerability

No description provided by source. $Id: osbunamejlist.rb 13591 2011-08-19 18:35:29Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Fitnesse Wiki Remote Command Execution Vulnerability

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = GoodRanking include Msf::Exploit::Remote::HttpClient def initializeinfo...

Easy File Management Web Server Stack Buffer Overflow

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Easy File Management Web Server Stack Buffer Overflow', 'Description' = %q Easy File Management Web Server v4.0 and v5.3 contains a...

openSUSE Security Update : jakarta-commons-httpclient (openSUSE-SU-2013:0622-1)

jakarta-commons-httpclient was updated to enhance the fix of bnc803332 / CVE-2012-5783 - also check for subjectAltNames in the certificate. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

Chromecast YouTube Remote Control

This module acts as a simple remote control for Chromecast YouTube. Only the deprecated DIAL protocol is supported by this module. Casting via the newer CASTV2 protocol is unsupported at this time. This module requires Metasploit: https://metasploit.com/download Current source:...

HTTP Header Detection

This module shows HTTP Headers returned by the scanned systems. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HTTP Header Detection', 'Description' = %q This module shows HTTP Headers returne...

SePortal 2.5 SQL Injection / Remote Code Execution Exploit

This Metasploit module exploits a vulnerability found in SePortal version 2.5. When logging in as any non-admin user, it's possible to retrieve the admin session from the database through SQL injection. The SQL injection vulnerability exists in the "staticpages.php" page. This hash can be used to...

MantisBT 'adm_config_report.php' SQL注入漏洞

Bugtraq ID:65903 CVE ID:CVE-2014-2238 MantisBT是一个基于web的流行bug跟踪系统。 MantisBT 'admconfigreport.php'不正确过滤用户提交的POST参数数据，允许远程攻击者利用漏洞提交特制的SQL查询，可操作或获取数据库数据。 0 MantisBT 1.2.16 目前没有详细解决方案提供： http://www.mantisbt.org This file is part of the Metasploit Framework and may be subject to redistribution and...

Dexter (CasinoLoader) SQL Injection

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "Dexter CasinoLoader SQL Injection", 'Description' = %q This module exploits a vulnerability found in the command and control panel us...

DoliWamp 'jqueryFileTree.php' Traversal Gather Credentials

This module will extract user credentials from DoliWamp - a WAMP packaged installer distribution for Dolibarr ERP on Windows - versions 3.3.0 to 3.4.2 by hijacking a user's session. DoliWamp stores session tokens in filenames in the 'tmp' directory. A directory traversal vulnerability in...

HP SiteScope issueSiebelCmd Remote Code Execution

This module exploits a code execution flaw in HP SiteScope. The vulnerability exists in the APISiteScopeImpl web service, specifically in the issueSiebelCmd method, which allows the user to execute arbitrary commands without authentication. This module has been tested successfully on HP SiteScope...

jakarta-commons-httpclient: missing connection hostname check against X.509 certificate name

It was found that Apache Commons HttpClient 3.x, as used in Amazon Flexible Payments Service FPS merchant Java SDK and other products, does not verify that the server hostname matches a domain name in the subject's Common Name CN or subjectAltName field of the X.509 certificate, which allows...

OpenMediaVault Cron Remote Command Execution Vulnerability

OpenMediaVault allows an authenticated user to create cron jobs as arbitrary users on the system. An attacker can abuse this to run arbitrary commands as any user available on the system including root. This module requires Metasploit: http//metasploit.com/download Current source:...