Lucene search
K

63 matches found

OSV
OSV
added 2026/06/11 7:24 a.m.10 views

MAL-2026-5604 Malicious code in cache-section-helper (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector cad3d2732831e4b798073aff289abd1abdbb718b4caa9e4f970a0dd3f7733653 package.json declares a postinstall hook node -e "require'./loader.js'" that runs automatically on every npm install. loader.js hex-decodes the strin...

5.9AI score
Exploits0References2
Packet Storm
Packet Storm
added 2024/11/13 12:0 a.m.482 views

Palo Alto Expedition 1.2.91 Remote Code Execution

class MetasploitModule 'Palo Alto Expedition Remote Code Execution CVE-2024-5910 and CVE-2024-9464', 'Description' = %q Obtain remote code execution in Palo Alto Expedition version 1.2.91 and below. The first vulnerability, CVE-2024-5910, allows to reset the password of the admin user, and the...

9.8CVSS7.3AI score0.91783EPSS
Exploits14
Packet Storm
Packet Storm
added 2024/09/24 12:0 a.m.493 views

Traccar 5.12 Remote Code Execution

class MetasploitModule 'Traccar v5 Remote Code Execution CVE-2024-31214 and CVE-2024-24809', 'Description' = %q Remote Code Execution in Traccar v5.1 - v5.12. Remote code execution can be obtained by combining two vulnerabilities: A path traversal vulnerability CVE-2024-24809 and an unrestricted...

9.6CVSS7.1AI score0.54413EPSS
Exploits11
Metasploit
Metasploit
added 2024/08/28 6:52 p.m.803 views

pgAdmin Binary Path API RCE

pgAdmin use exploit/windows/http/pgadminbinarypathapi msf exploitpgadminbinarypathapi show targets ...targets... msf exploitpgadminbinarypathapi set TARGET msf exploitpgadminbinarypathapi show options ...show and set options... msf exploitpgadminbinarypathapi exploit This module requires...

9.8CVSS8.3AI score0.64846EPSS
Exploits5
Packet Storm
Packet Storm
added 2024/02/02 12:0 a.m.464 views

Fortra GoAnywhere MFT Unauthenticated Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Fortra GoAnywhere MFT Unauthenticated Remote Code Execution', 'Description' = %q This module exploits a vulnerability in Fortra GoAnywhere MFT th...

9.8CVSS7.4AI score0.95086EPSS
Exploits8
Metasploit
Metasploit
added 2024/01/17 7:50 p.m.196 views

Ansible Agent Payload Deployer

This exploit module creates an ansible module for deployment to nodes in the network. It creates a new yaml playbook which copies our payload, chmods it, then runs it on all targets which have been selected default all. Module Options msf use exploit/linux/local/ansiblenodedeployer msf...

7AI score
Exploits0
Packet Storm
Packet Storm
added 2023/09/27 12:0 a.m.461 views

Microsoft Error Reporting Local Privilege Elevation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Error Reporting Local Privilege Elevation Vulnerability', 'Description' = %q This module takes advantage of a bug in the way Windows...

7.8CVSS7.1AI score0.32309EPSS
Exploits5
0day.today
0day.today
added 2023/09/27 12:0 a.m.423 views

Microsoft Error Reporting Local Privilege Elevation Exploit

This Metasploit module takes advantage of a bug in the way Windows error reporting opens the report parser. If you open a report, Windows uses a relative path to locate the rendering program. By creating a specific alternate directory structure, we can coerce Windows into opening an arbitrary...

7.8CVSS6.7AI score0.32309EPSS
Exploits5
Metasploit
Metasploit
added 2022/10/04 7:49 p.m.247 views

Remote Mouse RCE

This module utilizes the Remote Mouse Server by Emote Interactive protocol to deploy a payload and run it from the server on versions use exploit/windows/misc/remotemouserce msf exploitremotemouserce show targets ...targets... msf exploitremotemouserce set TARGET msf exploitremotemouserce show...

9.8CVSS9.2AI score0.02044EPSS
Exploits3
0day.today
0day.today
added 2022/08/10 12:0 a.m.630 views

Zimbra zmslapd Privilege Escalation Exploit

This Metasploit module exploits CVE-2022-37393, which is a vulnerability in Zimbra's sudo configuration that permits the zimbra user to execute the zmslapd binary as root with arbitrary parameters. As part of its intended functionality, zmslapd can load a user-defined configuration file, which...

7.8CVSS0.4AI score0.01683EPSS
Exploits4
Metasploit
Metasploit
added 2022/02/08 5:42 p.m.121 views

QEMU Monitor HMP 'migrate' Command Execution

This module uses QEMU's Monitor Human Monitor Interface HMP TCP server to execute system commands using the migrate command. This module has been tested successfully on QEMU version 6.2.0 on Ubuntu 20.04. Module Options msf use exploit/multi/misc/qemumonitorhmpmigratecmdexec msf...

10CVSS9.6AI score0.23036EPSS
Exploits2
0day.today
0day.today
added 2021/09/17 12:0 a.m.509 views

Git git-lfs Remote Code Execution Exploit

This Metasploit modules exploits a critical vulnerability in Git Large File Storage Git LFS, an open source Git extension for versioning large files, which allows attackers to achieve remote code execution if the Windows-using victim is tricked into cloning the attacker’s malicious repository usi...

9.8CVSS9.1AI score0.82715EPSS
Exploits14
Packet Storm
Packet Storm
added 2021/07/21 12:0 a.m.318 views

Sage X3 Administration Service Authentication Bypass / Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sage X3 Administration Service Authentication Bypass Command Execution', 'Description' = %q This module leverages an authentication bypass exploi...

1AI score0.70268EPSS
Exploits7
Metasploit
Metasploit
added 2021/04/16 5:42 p.m.306 views

Citrix ADC (NetScaler) Directory Traversal RCE

This module exploits a directory traversal in Citrix Application Delivery Controller ADC, aka NetScaler, and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0, to execute an arbitrary command payload. Module Options msf use exploit/freebsd/http/citrixdirtraversalrce msf exploitcitrixdirtraversalrce show...

9.8CVSS9.9AI score0.99999EPSS
Exploits48
Exploit DB
Exploit DB
added 2021/01/08 12:0 a.m.196 views

WordPress Plugin Autoptimize 2.7.6 - Authenticated Arbitrary File Upload (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress Autoptimize Authenticated File Upload', 'Description' = %q The aoccssimport AJAX call does not ensure that the file provided is a...

7.2CVSS7.4AI score0.13139EPSS
Exploits6
Packet Storm
Packet Storm
added 2020/10/20 12:0 a.m.757 views

Linux / Unix su Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Login to Another User with Su on Linux / Unix Systems', 'Description' = %q This module attempts to create a new login session by invoking the su...

0.9AI score
Exploits0
Packet Storm
Packet Storm
added 2020/06/18 12:0 a.m.753 views

Cayin CMS NTP Server 11.0 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cayin CMS NTP Server RCE', 'Description' = %q This module exploits an authenticated RCE in Cayin CMS MSFLICENSE, 'Author' = 'h00die', msf module...

0.2AI score0.33874EPSS
Exploits8
Exploit DB
Exploit DB
added 2020/04/16 12:0 a.m.187 views

VMware Fusion - USB Arbitrator Setuid Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMware Fusion USB Arbitrator Setuid Privilege Escalation', 'Description' = %q This exploits an improper use of setuid binaries within VMware Fusi...

7.8CVSS7.4AI score0.07254EPSS
Exploits10
Packet Storm
Packet Storm
added 2020/03/29 12:0 a.m.183 views

Redis Replication Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Redis Replication Code Execution', 'Description' = %q This module can be used to leverage the extension functionality added since Redis 4.0.0 to...

7.4AI score
Exploits0
Metasploit
Metasploit
added 2020/03/28 3:37 a.m.91 views

Redis Replication Code Execution

This module can be used to leverage the extension functionality added since Redis 4.0.0 to execute arbitrary code. To transmit the given extension it makes use of the feature of Redis which called replication between master and slave. This module requires Metasploit: https://metasploit.com/downlo...

7.7AI score
Exploits0
Rows per page
Query Builder