16718 matches found
Wing FTP 6.4.4 - Cross-Site Scripting
Wing FTP 6.4.4 is vulnerable to cross-site scripting via its web interface because an arbitrary IFRAME element can be included in the help pages via a crafted link, leading to the execution of sandboxed arbitrary HTML and JavaScript in the user's browser. id: CVE-2020-27735 info: name: Wing FTP...
Rumpus FTP Web File Manager 8.2.9.1 - Cross-Site Scripting
Rumpus FTP Web File Manager 8.2.9.1 contains a reflected cross-site scripting vulnerability via the Login page. An attacker can send a crafted link to end users and can execute arbitrary JavaScript. id: CVE-2019-19368 info: name: Rumpus FTP Web File Manager 8.2.9.1 - Cross-Site Scripting author:...
Apache Solr <= 7.1 - XML Entity Injection
Apache Solr with Apache Lucene before 7.1 is susceptible to remote code execution by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. Elasticsearch, although it uses Lucene, is NOT vulnerable to this. Note that the XML external...
Monsta FTP <= 2.11.2 - Unauthenticated Remote Code Execution
Monsta FTP = 2.11 contains an unrestricted file upload vulnerability caused by lack of authentication on file uploads, letting unauthenticated attackers execute arbitrary code by uploading crafted files. id: CVE-2025-34299 info: name: Monsta FTP = 2.11.2 - Unauthenticated Remote Code Execution...
Wing FTP Server <= 7.4.3 - Path Disclosure via Overlong UID Cookie
Wing FTP Server versions prior to 7.4.4 are vulnerable to an authenticated information disclosure vulnerability CVE-2025-47813. The vulnerability occurs due to improper validation of the 'UID' session cookie in the /loginok.html endpoint. Supplying an overlong UID value causes the server to respo...
FTP Fetch, Reverse TCP Stager (RC4 Stage Encryption, Metasm)
Fetch and execute an x64 payload from an FTP server. Connect back to the attacker Module Options msf use payload/cmd/windows/ftp/x64/peinject/reversetcprc4 msf payloadreversetcprc4 show actions ...actions... msf payloadreversetcprc4 set ACTION msf payloadreversetcprc4 show options ...show and set...
FTP Fetch, Bind TCP Stager (RC4 Stage Encryption, Metasm)
Fetch and execute an x64 payload from an FTP server. Connect back to the attacker Module Options msf use payload/cmd/windows/ftp/x64/peinject/bindtcprc4 msf payloadbindtcprc4 show actions ...actions... msf payloadbindtcprc4 set ACTION msf payloadbindtcprc4 show options ...show and set options...
FTP Fetch, Windows x64 Reverse Named Pipe (SMB) Stager
Fetch and execute an x64 payload from an FTP server. Connect back to the attacker via a named pipe pivot Module Options msf use payload/cmd/windows/ftp/x64/peinject/reversenamedpipe msf payloadreversenamedpipe show actions ...actions... msf payloadreversenamedpipe set ACTION msf...
FTP Fetch, Bind TCP Stager with UUID Support (Windows x64)
Fetch and execute an x64 payload from an FTP server. Listen for a connection with UUID Support Windows x64 Module Options msf use payload/cmd/windows/ftp/x64/meterpreter/bindtcpuuid msf payloadbindtcpuuid show actions ...actions... msf payloadbindtcpuuid set ACTION msf payloadbindtcpuuid show...
FTP Fetch, Windows Reverse HTTP Stager (winhttp)
Fetch and execute an x86 payload from an FTP server. Tunnel communication over HTTP Windows winhttp Module Options msf use payload/cmd/windows/ftp/x86/vncinject/reversewinhttp msf payloadreversewinhttp show actions ...actions... msf payloadreversewinhttp set ACTION msf payloadreversewinhttp show...
FTP Fetch, Reverse TCP Stager (IPv6)
Fetch and execute an x86 payload from an FTP server. Connect back to the attacker over IPv6 Module Options msf use payload/cmd/windows/ftp/x86/patchupdllinject/reverseipv6tcp msf payloadreverseipv6tcp show actions ...actions... msf payloadreverseipv6tcp set ACTION msf payloadreverseipv6tcp show...
FTP Fetch, Reverse TCP Stager (IPv6)
Fetch and execute an x86 payload from an FTP server. Connect back to the attacker over IPv6 Module Options msf use payload/cmd/windows/ftp/x86/peinject/reverseipv6tcp msf payloadreverseipv6tcp show actions ...actions... msf payloadreverseipv6tcp set ACTION msf payloadreverseipv6tcp show options...
FTP Fetch, Windows Meterpreter Shell, Reverse TCP Inline (IPv6)
Fetch and execute an x86 payload from an FTP server. Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/ftp/x86/meterpreterreverseipv6tcp msf payloadmeterpreterreverseipv6tcp show actions ...actions... msf...
FTP Fetch, Windows Meterpreter Shell, Bind Named Pipe Inline
Fetch and execute an x86 payload from an FTP server. Connect to victim and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/ftp/x86/meterpreterbindnamedpipe msf payloadmeterpreterbindnamedpipe show actions ...actions... msf...
FTP Fetch, Reverse TCP Stager (RC4 Stage Encryption, Metasm)
Fetch and execute an x86 payload from an FTP server. Connect back to the attacker Module Options msf use payload/cmd/windows/ftp/x86/dllinject/reversetcprc4 msf payloadreversetcprc4 show actions ...actions... msf payloadreversetcprc4 set ACTION msf payloadreversetcprc4 show options ...show and se...
FTP Fetch, Reverse TCP Stager (IPv6)
Fetch and execute an x86 payload from an FTP server. Connect back to the attacker over IPv6 Module Options msf use payload/cmd/windows/ftp/x86/dllinject/reverseipv6tcp msf payloadreverseipv6tcp show actions ...actions... msf payloadreverseipv6tcp set ACTION msf payloadreverseipv6tcp show options...
FTP Fetch, Reverse TCP Stager (DNS)
Fetch and execute an x86 payload from an FTP server. Connect back to the attacker Module Options msf use payload/cmd/windows/ftp/x86/dllinject/reversetcpdns msf payloadreversetcpdns show actions ...actions... msf payloadreversetcpdns set ACTION msf payloadreversetcpdns show options ...show and se...
FTP Fetch, Bind IPv6 TCP Stager with UUID Support (Windows x86)
Fetch and execute an x86 payload from an FTP server. Listen for an IPv6 connection with UUID Support Windows x86 Module Options msf use payload/cmd/windows/ftp/x86/meterpreter/bindipv6tcpuuid msf payloadbindipv6tcpuuid show actions ...actions... msf payloadbindipv6tcpuuid set ACTION msf...
FTP Fetch, Windows Upload/Execute, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)
Fetch and execute an x86 payload from an FTP server. Uploads an executable and runs it staged. Connect back to the attacker Module Options msf use payload/cmd/windows/ftp/x86/upexec/reversetcprc4dns msf payloadreversetcprc4dns show actions ...actions... msf payloadreversetcprc4dns set ACTION msf...
FTP Fetch, Reverse TCP Stager (No NX or Win7)
Fetch and execute an x86 payload from an FTP server. Connect back to the attacker No NX Module Options msf use payload/cmd/windows/ftp/x86/vncinject/reversenonxtcp msf payloadreversenonxtcp show actions ...actions... msf payloadreversenonxtcp set ACTION msf payloadreversenonxtcp show options...