LNK Code Execution Vulnerability

This module exploits a vulnerability in the handling of Windows Shortcut files .LNK that contain a dynamic icon, loaded from a malicious DLL. This vulnerability is a variant of MS15-020 CVE-2015-0096. The created LNK file is similar except an additional SpecialFolderDataBlock is included. The...

AjaxExplorer 1.10.3.2 - Multiple Vulnerabilities

AjaxExplorer 1.10.3.2 - Multiple Vulnerabilities + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AJAXEXPLORER-REMOTE-CMD-EXECUTION.txt + ISR: apparitionsec Vendor: ========== sourceforge.net smsid download linx:...

Windows Gather Total Commander Saved Password Extraction

This module extracts weakly encrypted saved FTP Passwords from Total Commander. It finds saved FTP connections in the wcxftp.ini file. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows...

PYSEC-2010-17

Multiple cross-site scripting XSS vulnerabilities in MoinMoin 1.7.3 and earlier, and 1.9.x before 1.9.3, allow remote attackers to inject arbitrary web script or HTML via crafted content, related to 1 action/LikePages.py, 2 action/chart.py, and 3 action/userprofile.py, a similar issue to...

CVE-2010-2969

Removed by vendor...

CVE-2008-2093

SQL injection vulnerability in the Profiler comcomprofiler component in Community Builder for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the user parameter in a userProfile action to index.php...

Sql injection

SQL injection vulnerability in the Profiler comcomprofiler component in Community Builder for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the user parameter in a userProfile action to index.php...