CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13541 matches found

Packet Storm•added 2024/09/12 12:0 a.m.•189 views

MPlayer Lite r33064 Buffer Overflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MPlayer Lite M3U Buffer Overflow', 'Description' = %q This module exploits a stack-based buffer overflow vulnerability in MPlayer Lite r33064,...

7.4AI score

Exploits0

Packet Storm•added 2024/09/12 12:0 a.m.•193 views

UnRAR Path Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'UnRAR Path Traversal CVE-2022-30333', 'Description' = %q This module creates a RAR file that exploits CVE-2022-30333, which is a path-traversal...

7.5CVSS7.2AI score0.92793EPSS

Exploits12

Metasploit•added 2024/09/11 6:54 p.m.•14787 views

SPIP form PHP Injection

This module exploits a PHP code injection in SPIP. The vulnerability exists in the oubli parameter and allows an unauthenticated user to execute arbitrary commands with web user privileges. Branches 3.2, 4.0, 4.1 and 4.2 are concerned. Vulnerable versions are use exploit/multi/http/spiprceform ms...

9.8CVSS8.2AI score0.9312EPSS

Exploits23

Metasploit•added 2024/09/11 6:54 p.m.•6476 views

SPIP connect Parameter PHP Injection

This module exploits a PHP code injection vulnerability in SPIP. The vulnerability exists in the connect parameter, allowing an unauthenticated user to execute arbitrary commands with web user privileges. Branches 2.0, 2.1, and 3 are affected. Vulnerable versions are use...

7.5CVSS5.9AI score0.69494EPSS

Exploits4

Circl•added 2024/09/11 2:19 p.m.•4 views

CVE-2013-4557

creationtimestamp| type| source ---|---|--- 2024-09-11 14:19:17+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/spipconnectexec.rb 2025-10-23 21:12:57+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...

7.5CVSS5.5AI score0.69494EPSS

Exploits4References1

Rapid7 Blog•added 2024/09/06 5:56 p.m.•4 views

Metasploit Weekly Wrap-Up 09/06/2024

Honey, I shrunk the PHP payloads This release contains more PHP payload improvements from Julien Voisin. Last week we landed a PR from Julien that added a datastore option to the php/base64 encoder that when enabled, will use zlib to compress the payload which significantly reduced the size,...

7.4AI score

Exploits0

Metasploit•added 2024/09/05 6:53 p.m.•205 views

PHP Minify Encoder

This encoder minifies a PHP payload by removing leasing spaces, trailing new lines, comments, ... Module Options msf use encoder/php/minify msf encoderminify show actions ...actions... msf encoderminify set ACTION msf encoderminify show options ...show and set options... msf encoderminify run Thi...

7.1AI score

Exploits0

GithubExploit•added 2024/09/05 3:30 p.m.•969 views

Exploit for Improper Input Validation in Kubernetes

Custom Metasploit Module for CVE 2023-2728 and CVE 2024-3177...

6.5CVSS6.2AI score0.08423EPSS

Exploits1

Packet Storm•added 2024/09/01 12:0 a.m.•194 views

Chromecast Wifi Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Chromecast Wifi Enumeration', 'Description' = %q This module enumerates wireless access points through Chromecast. , 'Author' = 'wvu', 'Reference...

7.4AI score

Exploits0

Packet Storm•added 2024/09/01 12:0 a.m.•221 views

WordPress Contus Video Gallery Unauthenticated SQL Injection Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Contus Video Gallery Unauthenticated SQL Injection Scanner', 'Description' = %q This module attempts to exploit a UNION-based SQL...

7.5CVSS7.4AI score0.80939EPSS

Exploits4

Packet Storm•added 2024/09/01 12:0 a.m.•237 views

Chef Web UI Brute Force Utility

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/loginscanner/chefwebui' require 'metasploit/framework/credentialcollection' class MetasploitModule 'Chef Web UI Brute Force Utility',...

7.4AI score

Exploits0

Packet Storm•added 2024/09/01 12:0 a.m.•165 views

WebPageTest Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WebPageTest Directory Traversal', 'Description' = %q This module exploits a directory traversal vulnerability found in WebPageTest. Due to the wa...

7.4AI score

Exploits0

Packet Storm•added 2024/09/01 12:0 a.m.•432 views

DNS Amplification Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'DNS Amplification Scanner', 'Description' = %q This module can be used to discover DNS servers which expose recursive name lookups which can be...

7.8CVSS7AI score0.67103EPSS

Exploits2

Packet Storm•added 2024/09/01 12:0 a.m.•198 views

SMB SID User Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SMB SID User Enumeration LookupSid', 'Description' = 'Determine what users exist via brute force SID lookups. This module can enumerate both loca...

7.4AI score

Exploits0

Packet Storm•added 2024/09/01 12:0 a.m.•211 views

GitLab User Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'json' class MetasploitModule 'GitLab User Enumeration', 'Description' = " The GitLab 'internal' API is exposed unauthenticated on GitLab. This allows the userna...

7.4AI score

Exploits0

Packet Storm•added 2024/09/01 12:0 a.m.•180 views

BMC TrackIt! Unauthenticated Arbitrary User Password Change

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'BMC TrackIt! Unauthenticated Arbitrary User Password Change', 'Description' = %q This module exploits a flaw in the password reset mechanism in B...

5CVSS7.1AI score0.65703EPSS

Exploits2

Packet Storm•added 2024/09/01 12:0 a.m.•216 views

Typo3 Login Bruteforcer

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Typo3 Login Bruteforcer', 'Description' = 'This module attempts to bruteforce Typo3 logins.', 'Author' = 'Christian Mehlmauer' , 'License' =...

7.4AI score

Exploits0

Packet Storm•added 2024/09/01 12:0 a.m.•264 views

D-Link User-Agent Backdoor Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'D-Link User-Agent Backdoor Scanner', 'Description' = %q This module attempts to find D-Link devices running Alphanetworks web interfaces affected...

7.4AI score

Exploits0

Packet Storm•added 2024/09/01 12:0 a.m.•284 views

Sentry Switched CDU Bruteforce Login Utility

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sentry Switched CDU Bruteforce Login Utility', 'Description' = % This module scans for ServerTech's Sentry Switched CDU Cabinet Power Distributio...

7.4AI score

Exploits0

Packet Storm•added 2024/09/01 12:0 a.m.•210 views

Cisco Network Access Manager Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco Network Access Manager Directory Traversal Vulnerability', 'Description' = %q This module tests whether a directory traversal vulnerability...

7.8CVSS7AI score0.42002EPSS

Exploits2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by