Phpwiki Ploticus Remote Code Execution

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Phpwiki Ploticus Remote Code Execution', 'Description' = %q The Ploticus module in PhpWiki 1.5.0 allows remote attackers to execute...

Phpwiki Ploticus Remote Code Execution

The Ploticus module in PhpWiki 1.5.0 allows remote attackers to execute arbitrary code via command injection. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Phpwiki Ploticus Remote Code...

ManageEngine Desktop Central StatusUpdate - Arbitrary File Upload (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'ManageEngine Desktop Central StatusUpdate Arbitrary File Upload', 'Description' = %q This module exploits an arbitrary file upload...

ManageEngine Desktop Central StatusUpdate Arbitrary File Upload Exploit

This module exploits an arbitrary file upload vulnerability in ManageEngine DesktopCentral v7 to v9 build 90054 including the MSP versions. A malicious user can upload a JSP file into the web root without authentication, leading to arbitrary code execution as SYSTEM. Some early builds of version ...

Firefox toString console.time Privileged Javascript Injection

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex/exploitation/jsobfu' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include...

VMTurbo Operations Manager 4.6 vmtadmin.cgi Remote Command Execution

VMTurbo Operations Manager 4.6 and prior are vulnerable to unauthenticated OS Command injection in the web interface. Use reverse payloads for the most reliable results. Since it is a blind OS command injection vulnerability, there is no output for the executed command when using the cmd generic...

VMTurbo Operations Manager vmtadmin.cgi Remote Command Execution

VMTurbo Operations Manager 4.6 and prior are vulnerable to unauthenticated OS Command injection in the web interface. Use reverse payloads for the most reliable results. Since it is a blind OS command injection vulnerability, there is no output for the executed command when using the cmd generic...

Raritan PowerIQ 4.1.0 - SQL Injection Vulnerability

No description provided by source. =begin Raritan PowerIQ suffers from an unauthenticated SQL injection vulnerability within an endpoint used during initial configuration of the licensing for the product. This endpoint is still available after the appliance has been fully configured. POST...

Raritan PowerIQ 4.1.0 - SQL Injection Vulnerability

Exploit for linux platform in category web applications =begin Raritan PowerIQ suffers from an unauthenticated SQL injection vulnerability within an endpoint used during initial configuration of the licensing for the product. This endpoint is still available after the appliance has been fully...

D-Link info.cgi POST Request Buffer Overflow

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Remote::HttpClient include...

Wordpress WPTouch Authenticated File Upload

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Wordpress WPTouch Authenticated File Upload', 'Description' = %q The Wordpress WPTouch plugin contains an auhtenticated file upload...

Dell Sonicwall Scrutinizer 11.01 Code Execution / SQL Injection

Dell Sonicwall Scrutinizer version 11.01 is vulnerable to an authenticated SQL injection that allows an attacker to write arbitrary files to the file system. This vulnerability can be used to write a PHP script to the file system to gain remote command execution. Metasploit module included. Dell...

D-Link HNAP Request Remote Buffer Overflow

This module exploits an anonymous remote code execution vulnerability on different D-Link devices. The vulnerability is due to a stack based buffer overflow while handling malicious HTTP POST requests addressed to the HNAP handler. This module has been successfully tested on D-Link DIR-505 in an...

D-Link Unauthenticated UPnP M-SEARCH Multicast Command Injection

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'D-Link Unauthenticated UPnP M-SEARCH Multicast Command Injection', 'Description' = %q Different D-Link Routers are vulnerable to OS...

Dell Sonicwall Scrutinizer 11.01 Code Execution / SQL Injection

Dell Scrutinizer 11.01 several vulnerabilities http://www.mysonicwall.com has a trial available. Dell Sonicwall Scrutinizer suffers from several SQL injections, many of which can end up with remote code execution. An attacker needs to be authenticated, but not as an administrator. However, that...

Gitlist Unauthenticated Remote Command Execution

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Gitlist Unauthenticated Remote Command Execution', 'Description' = %q This module exploits an unauthenticated remote command executio...

Umbraco CMS Remote Command Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

Novell Client 2 SP3 - Privilege Escalation Exploit

No description provided by source. Novell Client 2 SP3 Privilege escalation exploit Tested on Windows 7 and 8 x86 / nicm.sys 3.1.11.0 Thanks to Master Ryujin : The first public information I have seen about this bug was from Nikita Tarakanov @NTarakanov I am not sure weather there was anything el...

VMware vCenter Chargeback Manager ImageUploadServlet Arbitrary File Upload

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

HP AutoPass License Server File Upload

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient include...