EUVD-2026-37853

Cotonti 1.0.0 master branch, commit f43f1fc3 is vulnerable to Cross-Site Request Forgery in the administration configuration handler. In system/admin/admin.config.php, the configuration update action 'a=update' processes POST data via cotconfigupdateoptions without calling cotcheckxg to validate...

metasploit-cheatsheet

Metasploit Cheatsheet A practical reference for using Metaspl...

CVE-2026-5463

Command injection vulnerability in console.runmodulewithoutput in pymetasploit3 through version 1.0.6 allows attackers to inject newline characters into module options such as RHOSTS. This breaks the intended command structure and causes the Metasploit console to execute additional unintended...

CVE-2026-5463

Command injection vulnerability in console.runmodulewithoutput in pymetasploit3 through version 1.0.6 allows attackers to inject newline characters into module options such as RHOSTS. This breaks the intended command structure and causes the Metasploit console to execute additional unintended...

CVE-2026-5463

The vulnerability CVE-2026-5463 affects the pymetasploit3 project (through version 1.0.6) where console.run_module_with_output() accepts newline characters in module options (e.g., RHOSTS). This can break the intended command structure and cause the Metasploit console to execute additional uninte...

CVE-2026-5463

Command injection vulnerability in console.runmodulewithoutput in pymetasploit3 through version 1.0.6 allows attackers to inject newline characters into module options such as RHOSTS. This breaks the intended command structure and causes the Metasploit console to execute additional unintended...

Linux Chmod

Runs chmod on the specified file with specified mode. Module Options msf use payload/linux/riscv32le/chmod msf payloadchmod show actions ...actions... msf payloadchmod set ACTION msf payloadchmod show options ...show and set options... msf payloadchmod run This module requires Metasploit:...

ReDoc API Docs UI Exposed

Detects publicly exposed ReDoc API documentation pages. The module performs safe, read-only GET requests and reports likely ReDoc instances based on HTML markers. Module Options msf use auxiliary/scanner/http/redocexposed msf auxiliaryredocexposed show actions ...actions... msf...

LDAP Update Object

This module allows creating, reading, updating and deleting attributes of LDAP objects. Users can specify the object and must specify a corresponding attribute. Module Options msf use auxiliary/admin/ldap/ldapobjectattribute msf auxiliaryldapobjectattribute show actions ...actions... msf...

Linux: Read files in /etc/modprobe.d/ (KB)

Because the modprobe command can add or remove more than one module, due to module dependencies, we need a method of specifying what options are to be used with those modules. All files underneath the /etc/modprobe.d directory which end with the .conf extension specify those options as required...