1350 matches found
TWiki MAKETEXT Remote Command Execution
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...
WordPress WP-Property PHP File Upload
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' require 'msf/core/exploit/phpexe'...
Netwin SurgeFTP Remote Command Execution
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Netwin SurgeFTP...
Netwin SurgeFTP Remote Command Execution Vulnerability
Exploit for multiple platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framewor...
InduSoft Web Studio ISSymbol.ocx InternationalSeparator() Heap Overflow
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 HttpClients::IE,...
Maxthon3 - about:history XCS Trusted Zone Code Execution (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Maxthon3...
Nagios XI Network Monitor Graph Explorer Component Command Injection
Exploit for unix platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
FreeFloat FTP Server Arbitrary File Upload Vulnerability
This Metasploit module abuses multiple issues in FreeFloat: 1. No credential is actually needed to login; 2. User's default path is in C:, and this cannot be changed; 3. User can write to anywhere on the server's file system. As a result of these poor implementations, a malicious user can just lo...
Maxthon3 about:history XCS Trusted Zone Code Execution
Cross Context Scripting XCS is possible in the Maxthon about:history page. Injection in such privileged/trusted browser zone can be used to modify configuration settings and execute arbitrary commands. Please note this module only works against specific versions of XCS. Currently, we've only...
IBM System Director Agent - DLL Injection (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'IBM System Director Agent DLL...
BlazeVideo HDTV Player Pro 6.6 - Filename Handling (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "BlazeVideo HDTV...
Network Shutdown Module 3.21 Remote PHP Code Injection
This Metasploit module exploits a vulnerability in lib/dbtools.inc which uses unsanitized user input inside a eval call. Additionally the base64 encoded user credentials are extracted from the database of the application. Please note that in order to be able to steal credentials, the vulnerable...
Network Shutdown Module 3.21 Remote PHP Code Injection
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'msf/core/exploit/phpexe' class Metasploit3...
Narcissus Image Configuration - Passthru (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "Narcissus Image...
Narcissus Image Configuration Passthru Vulnerability
Exploit for linux platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
NFR Agent FSFUI Record File Upload Remote Command Execution
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'NFR Agent FSFUI Record File Upload...
Nessus NTP Login Utility
This module attempts to authenticate to a Nessus NTP service. nessusntplogin.rb This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nessus NTP Login Utility', 'Description' = 'This module attempts ...
Java Applet JAX-WS Remote Code Execution Vulnerability
This Metasploit module abuses the JAX-WS classes from a Java Applet to run arbitrary Java code outside of the sandbox as exploited in the wild in November of 2012. The vulnerability affects Java version 7u7 and earlier. This file is part of the Metasploit Framework and may be subject to...
EMC Networker Format String Vulnerability
This Metasploit module exploits a format string vulnerability in the lgsprintf function as implemented in liblocal.dll on EMC Networker products. This Metasploit module exploits the vulnerability by using a specially crafted RPC call to the program number 0x5F3DD, version 0x02, and procedure 0x06...
Aladdin Knowledge System Ltd ChooseFilePath Buffer Overflow
Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...