IBM Lotus Sametime WebPlayer DoS

This module exploits a known flaw in the IBM Lotus Sametime WebPlayer version 8.5.2.1392 and prior to cause a denial of service condition against specific users. For this module to function the target user must be actively logged into the IBM Lotus Sametime server and have the Sametime Audio Visu...

SerComm Network Device Backdoor Detection

This module can identify SerComm manufactured network devices which contain a backdoor, allowing command injection or account disclosure. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SerComm...

IBM Lotus Notes Sametime User Enumeration

This module extracts usernames using the IBM Lotus Notes Sametime web interface using either a dictionary attack which is preferred, or a bruteforce attack trying all usernames of MAXDEPTH length or less. This module requires Metasploit: https://metasploit.com/download Current source:...

Synology DiskStation Manager远程命令执行漏洞

CVE ID:CVE-2013-6955 Synology DiskStation Manager 是第一个提供网络多任务处理用户接口的NAS操作系统。 该漏洞是位于/ webman/ imageSelector.cgi,允许攻击者以root权限执行任意命。 0 Synology DiskStation Manager 4.x 目前厂商暂无提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http:// www.synology.com This module requires Metasploit: http//metasploit.com/downlo...

Zimbra Collaboration Server LFI Vulnerability

This Metasploit module exploits a local file inclusion on Zimbra 8.0.2 and 7.2.2. The vulnerability allows an attacker to get the LDAP credentials from the localconfig.xml file. The stolen credentials allow the attacker to make requests to the service/admin/soap API. This can then be used to crea...

Synology DiskStation Manager SLICEUPLOAD Remote Command Execution

This Metasploit module exploits a vulnerability found in Synology DiskStation Manager DSM versions 4.x, which allows the execution of arbitrary commands under root privileges. The vulnerability is located in /webman/imageSelector.cgi, which allows to append arbitrary data to a given file using a ...

HP SiteScope issueSiebelCmd - Remote Code Execution (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rexml/document' class Metasploit3 /Apache-Coyote/ include REXML include Msf::Exploit::Remote::HttpClient include Msf::Exploit::CmdStagerVBS def...

Zimbra Collaboration Server LFI

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rexml/document' class Metasploit3 'Zimbra Collaboration Server LFI', 'Description' = %q This module exploits a local file inclusion on Zimbra...

HP SiteScope issueSiebelCmd Remote Code Execution

This module exploits a code execution flaw in HP SiteScope. The vulnerability exists in the APISiteScopeImpl web service, specifically in the issueSiebelCmd method, which allows the user to execute arbitrary commands without authentication. This module has been tested successfully on HP SiteScope...

HP LoadRunner EmulationAdmin Web Service Directory Traversal

This module exploits a directory traversal vulnerability in version 11.52 of HP LoadRunner. The vulnerability exists in the EmulationAdmin web service, specifically in the copyFileToServer method, allowing the upload of arbitrary files. This module has been tested successfully on HP LoadRunner...

Red Hat CloudForms Management Engine 5.1 miq_policy/explorer SQL Injection

This module exploits a SQL injection vulnerability in the "explorer" action of "miqpolicy" controller of the Red Hat CloudForms Management Engine 5.1 ManageIQ Enterprise Virtualization Manager 5.0 and earlier by changing the password of the target account to the specified password. This module...

Eaton Network Shutdown Module 3.21 PHP Code Injection

Eaton Network Shutdown module versions 3.21 and below suffer from a remote PHP code injection vulnerability. This is a python exploit for a previously disclosed finding. !/usr/bin/env python Quick 'n' Dirty - Metasploit module didn't do it for me 2013 - Filip Waeytens - http://www.wsec.be Usage...

Eaton Network Shutdown Module 3.21 - Remote PHP Code Injection

Eaton Network Shutdown Module 3.21 - Remote PHP Code Injection !/usr/bin/env python Quick 'n' Dirty - Metasploit module didn't do it for me 2013 - Filip Waeytens - http://www.wsec.be Usage Example: $ python eaton.py 192.168.1.9 "net user" User accounts for \...

Cisco Prime Data Center Network Manager Arbitrary File Upload

This Metasploit module exploits a code execution flaw in Cisco Data Center Network Manager. The vulnerability exists in processImageSave.jsp, which can be abused through a directory traversal and a null byte injection to upload arbitrary files. The autodeploy JBoss application server feature is...

ABB MicroSCADA wserver.exe Remote Code Execution Vulnerability

Exploit for windows platform in category remote exploits require 'msf/core' class Metasploit3 'ABB MicroSCADA wserver.exe Remote Code Execution', 'Description' = %q This module exploits a remote stack buffer overflow vulnerability in ABB MicroSCADA. The issue is due to the handling of...

WordPress OptimizePress Theme File Upload

This Metasploit module exploits a vulnerability found in the the Wordpress theme OptimizePress. The vulnerability is due to an insecure file upload on the media-upload.php component, allowing an attacker to upload arbitrary PHP code. This Metasploit module has been tested successfully on...

Cisco Prime Data Center Network Manager - Arbitrary File Upload (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Cisco Prime Data Center Network Manager Arbitrary File Upload', 'Description' = %q This module exploits a code execution flaw in Cisc...

Microsoft Internet Explorer COALineDashStyleArray Unsafe Memory Access

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 EOS def initializeinfo= superupdateinfoinfo, 'Name' = "MS12-022 Microsoft Internet Explorer COALineDashStyleArray Unsafe Memory Access...

Apache Roller OGNL Injection Vulnerability

This Metasploit module exploits an OGNL injection vulnerability in Apache Roller 'Apache Roller OGNL Injection', 'Description' = %q This module exploits an OGNL injection vulnerability in Apache Roller 'Unknown', From coverity.com / Vulnerability discovery 'juan vazquez' Metasploit module ,...

Symantec Altiris DS - SQL Injection (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Symantec Altiris ...