Lucene search
K

16718 matches found

Nuclei
Nuclei
added 16 hours ago103 views

Wing FTP 6.4.4 - Cross-Site Scripting

Wing FTP 6.4.4 is vulnerable to cross-site scripting via its web interface because an arbitrary IFRAME element can be included in the help pages via a crafted link, leading to the execution of sandboxed arbitrary HTML and JavaScript in the user's browser. id: CVE-2020-27735 info: name: Wing FTP...

6.1CVSS6.5AI score0.05626EPSS
Exploits1References5
Nuclei
Nuclei
added 16 hours ago111 views

Rumpus FTP Web File Manager 8.2.9.1 - Cross-Site Scripting

Rumpus FTP Web File Manager 8.2.9.1 contains a reflected cross-site scripting vulnerability via the Login page. An attacker can send a crafted link to end users and can execute arbitrary JavaScript. id: CVE-2019-19368 info: name: Rumpus FTP Web File Manager 8.2.9.1 - Cross-Site Scripting author:...

6.1CVSS6.6AI score0.2102EPSS
Exploits5References5
Nuclei
Nuclei
added yesterday87 views

Apache Solr <= 7.1 - XML Entity Injection

Apache Solr with Apache Lucene before 7.1 is susceptible to remote code execution by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. Elasticsearch, although it uses Lucene, is NOT vulnerable to this. Note that the XML external...

9.8CVSS7.3AI score0.91896EPSS
Exploits11References5
Nuclei
Nuclei
added yesterday30 views

Monsta FTP <= 2.11.2 - Unauthenticated Remote Code Execution

Monsta FTP = 2.11 contains an unrestricted file upload vulnerability caused by lack of authentication on file uploads, letting unauthenticated attackers execute arbitrary code by uploading crafted files. id: CVE-2025-34299 info: name: Monsta FTP = 2.11.2 - Unauthenticated Remote Code Execution...

9.8CVSS7.3AI score0.72667EPSS
Exploits6References3
Nuclei
Nuclei
added yesterday74 views

Wing FTP Server <= 7.4.3 - Path Disclosure via Overlong UID Cookie

Wing FTP Server versions prior to 7.4.4 are vulnerable to an authenticated information disclosure vulnerability CVE-2025-47813. The vulnerability occurs due to improper validation of the 'UID' session cookie in the /loginok.html endpoint. Supplying an overlong UID value causes the server to respo...

10CVSS6.8AI score0.95343EPSS
Exploits24References2
Metasploit
Metasploit
added 4 days ago22 views

FTP Fetch, Reverse TCP Stager (RC4 Stage Encryption, Metasm)

Fetch and execute an x64 payload from an FTP server. Connect back to the attacker Module Options msf use payload/cmd/windows/ftp/x64/peinject/reversetcprc4 msf payloadreversetcprc4 show actions ...actions... msf payloadreversetcprc4 set ACTION msf payloadreversetcprc4 show options ...show and set...

6.2AI score
Exploits0
Metasploit
Metasploit
added 4 days ago21 views

FTP Fetch, Bind TCP Stager (RC4 Stage Encryption, Metasm)

Fetch and execute an x64 payload from an FTP server. Connect back to the attacker Module Options msf use payload/cmd/windows/ftp/x64/peinject/bindtcprc4 msf payloadbindtcprc4 show actions ...actions... msf payloadbindtcprc4 set ACTION msf payloadbindtcprc4 show options ...show and set options...

6.2AI score
Exploits0
Metasploit
Metasploit
added 4 days ago16 views

FTP Fetch, Windows x64 Reverse Named Pipe (SMB) Stager

Fetch and execute an x64 payload from an FTP server. Connect back to the attacker via a named pipe pivot Module Options msf use payload/cmd/windows/ftp/x64/peinject/reversenamedpipe msf payloadreversenamedpipe show actions ...actions... msf payloadreversenamedpipe set ACTION msf...

6.2AI score
Exploits0
Metasploit
Metasploit
added 4 days ago18 views

FTP Fetch, Bind TCP Stager with UUID Support (Windows x64)

Fetch and execute an x64 payload from an FTP server. Listen for a connection with UUID Support Windows x64 Module Options msf use payload/cmd/windows/ftp/x64/meterpreter/bindtcpuuid msf payloadbindtcpuuid show actions ...actions... msf payloadbindtcpuuid set ACTION msf payloadbindtcpuuid show...

6.2AI score
Exploits0
Metasploit
Metasploit
added 4 days ago21 views

FTP Fetch, Windows Reverse HTTP Stager (winhttp)

Fetch and execute an x86 payload from an FTP server. Tunnel communication over HTTP Windows winhttp Module Options msf use payload/cmd/windows/ftp/x86/vncinject/reversewinhttp msf payloadreversewinhttp show actions ...actions... msf payloadreversewinhttp set ACTION msf payloadreversewinhttp show...

6.2AI score
Exploits0
Metasploit
Metasploit
added 4 days ago19 views

FTP Fetch, Reverse TCP Stager (IPv6)

Fetch and execute an x86 payload from an FTP server. Connect back to the attacker over IPv6 Module Options msf use payload/cmd/windows/ftp/x86/patchupdllinject/reverseipv6tcp msf payloadreverseipv6tcp show actions ...actions... msf payloadreverseipv6tcp set ACTION msf payloadreverseipv6tcp show...

6.2AI score
Exploits0
Metasploit
Metasploit
added 4 days ago28 views

FTP Fetch, Reverse TCP Stager (IPv6)

Fetch and execute an x86 payload from an FTP server. Connect back to the attacker over IPv6 Module Options msf use payload/cmd/windows/ftp/x86/peinject/reverseipv6tcp msf payloadreverseipv6tcp show actions ...actions... msf payloadreverseipv6tcp set ACTION msf payloadreverseipv6tcp show options...

6.2AI score
Exploits0
Metasploit
Metasploit
added 4 days ago19 views

FTP Fetch, Windows Meterpreter Shell, Reverse TCP Inline (IPv6)

Fetch and execute an x86 payload from an FTP server. Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/ftp/x86/meterpreterreverseipv6tcp msf payloadmeterpreterreverseipv6tcp show actions ...actions... msf...

6.2AI score
Exploits0
Metasploit
Metasploit
added 4 days ago23 views

FTP Fetch, Windows Meterpreter Shell, Bind Named Pipe Inline

Fetch and execute an x86 payload from an FTP server. Connect to victim and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options msf use payload/cmd/windows/ftp/x86/meterpreterbindnamedpipe msf payloadmeterpreterbindnamedpipe show actions ...actions... msf...

6.2AI score
Exploits0
Metasploit
Metasploit
added 4 days ago16 views

FTP Fetch, Reverse TCP Stager (RC4 Stage Encryption, Metasm)

Fetch and execute an x86 payload from an FTP server. Connect back to the attacker Module Options msf use payload/cmd/windows/ftp/x86/dllinject/reversetcprc4 msf payloadreversetcprc4 show actions ...actions... msf payloadreversetcprc4 set ACTION msf payloadreversetcprc4 show options ...show and se...

6.2AI score
Exploits0
Metasploit
Metasploit
added 4 days ago16 views

FTP Fetch, Reverse TCP Stager (IPv6)

Fetch and execute an x86 payload from an FTP server. Connect back to the attacker over IPv6 Module Options msf use payload/cmd/windows/ftp/x86/dllinject/reverseipv6tcp msf payloadreverseipv6tcp show actions ...actions... msf payloadreverseipv6tcp set ACTION msf payloadreverseipv6tcp show options...

6.2AI score
Exploits0
Metasploit
Metasploit
added 4 days ago28 views

FTP Fetch, Reverse TCP Stager (DNS)

Fetch and execute an x86 payload from an FTP server. Connect back to the attacker Module Options msf use payload/cmd/windows/ftp/x86/dllinject/reversetcpdns msf payloadreversetcpdns show actions ...actions... msf payloadreversetcpdns set ACTION msf payloadreversetcpdns show options ...show and se...

6.2AI score
Exploits0
Metasploit
Metasploit
added 4 days ago17 views

FTP Fetch, Bind IPv6 TCP Stager with UUID Support (Windows x86)

Fetch and execute an x86 payload from an FTP server. Listen for an IPv6 connection with UUID Support Windows x86 Module Options msf use payload/cmd/windows/ftp/x86/meterpreter/bindipv6tcpuuid msf payloadbindipv6tcpuuid show actions ...actions... msf payloadbindipv6tcpuuid set ACTION msf...

6.2AI score
Exploits0
Metasploit
Metasploit
added 4 days ago30 views

FTP Fetch, Windows Upload/Execute, Reverse TCP Stager (RC4 Stage Encryption DNS, Metasm)

Fetch and execute an x86 payload from an FTP server. Uploads an executable and runs it staged. Connect back to the attacker Module Options msf use payload/cmd/windows/ftp/x86/upexec/reversetcprc4dns msf payloadreversetcprc4dns show actions ...actions... msf payloadreversetcprc4dns set ACTION msf...

6.2AI score
Exploits0
Metasploit
Metasploit
added 4 days ago22 views

FTP Fetch, Reverse TCP Stager (No NX or Win7)

Fetch and execute an x86 payload from an FTP server. Connect back to the attacker No NX Module Options msf use payload/cmd/windows/ftp/x86/vncinject/reversenonxtcp msf payloadreversenonxtcp show actions ...actions... msf payloadreversenonxtcp set ACTION msf payloadreversenonxtcp show options...

6.2AI score
Exploits0
Rows per page
Query Builder