Adobe Coldfusion 11 CKEditor Arbitrary File Upload

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Adobe ColdFusion CKEditor unrestricted file upload', 'Description' = %q A file upload vulnerability in the CKEditor of Adobe ColdFusion 11 Update...

Imperva SecureSphere PWS Command Injection

This module exploits a command injection vulnerability in Imperva SecureSphere 13.x. The vulnerability exists in the PWS service, where Python CGIs didn't properly sanitize user supplied command parameters and directly passes them to corresponding CLI utility, leading to command injection. Agent...

Mailcleaner Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Mailcleaner Remote Code Execution", 'Description' = %q This module exploits the command injection vulnerability of MailCleaner Community Edition...

Erlang Port Mapper Daemon Cookie Remote Code Execution Exploit

The erlang port mapper daemon is used to coordinate distributed erlang instances. Should an attacker get the authentication cookie, remote code execution is trivial. Usually, this cookie is named ".erlang.cookie" and varies on location. This module requires Metasploit:...

CVE-2020-24719

creationtimestamp| type| source ---|---|--- 2018-12-19 14:31:13+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/misc/erlangcookierce.rb 2020-11-13 00:31:16+00:00| seen| https://t.me/cibsecurity/16279 2025-10-23 21:12:59+00:00| seen|...

CyberLink LabelPrint 2.5 Stack Buffer Overflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "CyberLink LabelPrint 2.5 Stack Buffer Overflow", 'Description' = %q This module exploits a stack buffer overflow in CyberLink LabelPrint 2.5 and...

HP Intelligent Management Java Deserialization Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "HP Intelligent Management Java Deserialization RCE", 'Description' = %q This vulnerability allows remote attackers to execute arbitrary code on...

Mac OS X libxpc MITM Privilege Escalation Exploit

This Metasploit module exploits a vulnerability in libxpc on macOS versions 10.13.3 and below. The tasksetspecialport API allows callers to overwrite their bootstrap port, which is used to communicate with launchd. This port is inherited across forks: child processes will use the same bootstrap...

Xorg X11 Server SUID Privilege Escalation Exploit

This Metasploit module attempts to gain root privileges with SUID Xorg X11 server versions 1.19.0 up to 1.20.3. A permission check flaw exists for -modulepath and -logfile options when starting Xorg. This allows unprivileged users that can start the server the ability to elevate privileges and ru...

Xorg X11 Server SUID Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Xorg X11 Server SUID privilege escalation', 'Description' = %q This module attempts to gain root privileges with SUID Xorg X11 server versions...

Cisco Prime Infrastructure Unauthenticated Remote Code Execution Exploit

Cisco Prime Infrastructure CPI contains two basic flaws that when exploited allow an unauthenticated attacker to achieve remote code execution. The first flaw is a file upload vulnerability that allows the attacker to upload and execute files as the Apache Tomcat user; the second is a privilege...

CVE-2018-15439

creationtimestamp| type| source ---|---|--- 2018-11-08 08:46:17+00:00| seen| https://t.me/securixykz/213 2019-01-21 10:28:05+00:00| seen| https://t.me/informationsecuritychannel/23870 2019-06-19 16:07:26+00:00| seen|...

iOS Text Gatherer

This module collects text messages from iPhones. Tested on iOS 10.3.3 on an iPhone 5. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'iOS Text Gatherer', 'Description' = %q This module collects...

VLC Media Player - MKV Use-After-Free Exploit

Exploit for windows platform in category local exploits This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VLC Media Player MKV Use After Free', 'Description' = %q This module exploits a use after...

VLC Media Player 2.2.8 MKV Use-After-Free

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VLC Media Player MKV Use After Free', 'Description' = %q This module exploits a use after free vulnerability in VideoLAN VLC = MSFLICENSE, 'Autho...

Delta Electronics Delta Industrial Automation COMMGR 1.08 Stack Buffer Overflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Delta Electronics Delta Industrial Automation COMMGR 1.08 Stack Buffer Overflow', 'Description' = %q This module exploits a stack based buffer...

Cisco Prime Infrastructure - Unauthenticated Remote Code Execution Exploit

Cisco Prime Infrastructure CPI contains two basic flaws that when exploited allow an unauthenticated attacker to achieve remote code execution. The first flaw is a file upload vulnerability that allows the attacker to upload and execute files as the Apache Tomcat user; the second is a privilege...

Zahir Enterprise Plus 6 - Stack Buffer Overflow (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Zahir Enterprise Plus 6 Stack Buffer Overflow", 'Description' = %q This module exploits a stack buffer overflow in Zahir Enterprise Plus version ...

Zahir Enterprise Plus 6 Stack Buffer Overflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Zahir Enterprise Plus 6 Stack Buffer Overflow", 'Description' = %q This module exploits a stack buffer overflow in Zahir Enterprise Plus version ...

Belkin Wemo-Enabled Crock-Pot Remote Control

This module acts as a simple remote control for Belkin Wemo-enabled Crock-Pots by implementing a subset of the functionality provided by the Wemo App. No vulnerabilities are exploited by this Metasploit module in any way. This module requires Metasploit: https://metasploit.com/download Current...