CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Packet Storm•added 2024/08/31 12:0 a.m.•169 views

Microsoft SQL Server SQL Injection SUSER_SNAME Windows Domain Account Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft SQL Server SQLi SUSERSNAME Windows Domain Account Enumeration', 'Description' = %q This module can be used to bruteforce RIDs associate...

Packet Storm•added 2024/08/31 12:0 a.m.•227 views

NetBIOS Response BadTunnel Brute Force Spoof (NAT Tunnel)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NetBIOS Response "BadTunnel" Brute Force Spoof NAT Tunnel', 'Description' = %q This module listens for a NetBIOS name request and then continuous...

10CVSS7AI score0.78311EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•200 views

Oracle TNS Listener SID Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle TNS Listener SID Enumeration', 'Description' = %q This module simply queries the TNS listener for the Oracle SID. With Oracle 9.2.0.8 and...

Packet Storm•added 2024/08/31 12:0 a.m.•182 views

Apple TV Video Remote Control

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'uri' class MetasploitModule 'Apple TV Video Remote Control', 'Description' = %q This module plays a video on an AppleTV device. Note that AppleTV can be somewha...

Packet Storm•added 2024/08/31 12:0 a.m.•134 views

Sophos Web Protection Appliance Patience.cgi Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'uri' class MetasploitModule 'Sophos Web Protection Appliance patience.cgi Directory Traversal', 'Description' = %q This module abuses a directory traversal in...

5CVSS7AI score0.8235EPSS

Exploits10

Packet Storm•added 2024/08/31 12:0 a.m.•144 views

Ruby WEBrick::HTTP::DefaultFileHandler Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ruby WEBrick::HTTP::DefaultFileHandler DoS', 'Description' = %q The WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6...

7.8CVSS7AI score0.7933EPSS

Exploits3

Packet Storm•added 2024/08/31 12:0 a.m.•152 views

pSnuffle Packet Sniffer

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework dsniff was helping me very often. Too bad that it doesn't work correctly anymore. Psnuffle should bring password sniffing into Metasploit local and if we get lucky even...

Packet Storm•added 2024/08/31 12:0 a.m.•128 views

AlienVault Authenticated SQL Injection Arbitrary File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "AlienVault Authenticated SQL Injection Arbitrary File Read", 'Description' = %q AlienVault 4.5.0 is susceptible to an authenticated SQL injection...

Packet Storm•added 2024/08/31 12:0 a.m.•147 views

Pimcore Gather Credentials via SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Pimcore Gather Credentials via SQL Injection', 'Description' = %q This module extracts the usernames and hashed passwords of all users of the...

6.5CVSS7AI score0.01507EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•258 views

Cisco ASA Authentication Bypass (EXTRABACON)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco ASA Authentication Bypass EXTRABACON', 'Description' = %q This module patches the authentication functions of a Cisco ASA to allow...

8.8CVSS7.2AI score0.90783EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•203 views

SysAid Help Desk Database Credentials Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'openssl' class MetasploitModule 'SysAid Help Desk Database Credentials Disclosure', 'Description' = %q This module exploits a vulnerability in SysAid Help Desk...

8.5CVSS7AI score0.88235EPSS

Exploits10

Packet Storm•added 2024/08/31 12:0 a.m.•166 views

Ubee DDW3611b Cable Modem Wifi Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ubee DDW3611b Cable Modem Wifi Enumeration', 'Description' = %q This module will extract WEP keys and WPA preshared keys from certain Ubee cable...

Packet Storm•added 2024/08/31 12:0 a.m.•352 views

OpenEMR 5.0.1 Patch 6 SQL Injection

require 'csv' This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenEMR 5.0.1 Patch 6 SQLi Dump', 'Description' = ' This module exploits a SQLi vulnerability found in OpenEMR version 5.0.1 Patch ...

9.8CVSS7AI score0.11666EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•175 views

Xerox Workcentre 5735 LDAP Service Redential Extractor

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Xerox Workcentre 5735 LDAP Service Redential Extractor', 'Description' = %q This module extract the printer's LDAP username and password from Xer...

Packet Storm•added 2024/08/31 12:0 a.m.•302 views

ManageEngine ADAudit Plus Xnode Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine ADAudit Plus Xnode Enumeration', 'Description' = %q This module exploits default admin credentials for the DataEngine Xnode server i...

10CVSS9.6AI score0.89808EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•186 views

Jasmin Ransomware Web Server Unauthenticated SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Jasmin Ransomware Web Server Unauthenticated SQL Injection', 'Description' = %q The Jasmin Ransomware web server contains an unauthenticated SQL...

7AI score0.75688EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•124 views

FreeBSD Remote NFS RPC Request Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FreeBSD Remote NFS RPC Request Denial of Service', 'Description' = %q This module sends a specially-crafted NFS Mount request causing a kernel...

7.8CVSS7AI score0.79325EPSS