Lucene search
K

179 matches found

OSV
OSV
added 2026/03/25 7:53 p.m.3 views

GHSA-WXJX-R2J2-96FX AVideo: Full-Read SSRF Through Unvalidated statsURL Parameter in plugin/Live/test.php

Summary The plugin/Live/test.php endpoint accepts a URL via the statsURL parameter and fetches it server-side using filegetcontents, curlexec, or wget, returning the full response content in the HTML output. The only validation is a trivial regex /^http/ that does not block requests to...

4.9CVSS5.8AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/04 12:0 a.m.7 views

PT-2026-26400

Summary isPrivateIpv4 in bundled SSRF guard code missed several IPv4 special-use/non-global ranges, so web fetch could allow targets that should be blocked by SSRF policy. Affected Packages / Versions - Package: openclaw npm - Latest published affected version: 2026.2.21-2 published 2026-02-21 -...

6.9CVSS5.9AI score0.00206EPSS
Exploits0References10
CVE
CVE
added 2026/02/25 3:37 p.m.21 views

CVE-2026-27730

esm.sh (a no-build CDN for web development) versions up to and including 137 contain an SSRF (CWE-918) in the /http(s) fetch route. The service validates against localhost/internal targets using hostname string checks, which can be bypassed with DNS alias domains, allowing an external requester t...

8.6CVSS5.5AI score0.00339EPSS
Exploits1References1Affected Software1
Metasploit
Metasploit
added 2026/01/05 6:59 p.m.274 views

HTTP Fetch, Linux Command Shell, Bind TCP Inline

Fetch and execute an RISC-V 32-bit payload from an HTTP server. Listen for a connection and spawn a command shell Module Options msf use payload/cmd/linux/http/riscv32le/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show...

5.8AI score
Exploits0
Metasploit
Metasploit
added 2026/01/05 6:59 p.m.334 views

HTTP Fetch, Linux Reboot

Fetch and execute an RISC-V 64-bit payload from an HTTP server. A very small shellcode for rebooting the system using the reboot syscall. This payload is sometimes helpful for testing purposes. Requires CAPSYSBOOT privileges. Module Options msf use payload/cmd/linux/http/riscv64le/reboot msf...

5.8AI score
Exploits0
Metasploit
Metasploit
added 2026/01/05 6:59 p.m.292 views

HTTPS Fetch, Linux Chmod

Fetch and execute an RISC-V 64-bit payload from an HTTPS server. Runs chmod on the specified file with specified mode. Module Options msf use payload/cmd/linux/https/riscv64le/chmod msf payloadchmod show actions ...actions... msf payloadchmod set ACTION msf payloadchmod show options ...show and s...

5.8AI score
Exploits0
Metasploit
Metasploit
added 2026/01/05 6:59 p.m.384 views

HTTP Fetch, Linux Chmod

Fetch and execute an RISC-V 32-bit payload from an HTTP server. Runs chmod on the specified file with specified mode. Module Options msf use payload/cmd/linux/http/riscv32le/chmod msf payloadchmod show actions ...actions... msf payloadchmod set ACTION msf payloadchmod show options ...show and set...

5.8AI score
Exploits0
Metasploit
Metasploit
added 2025/12/09 6:55 p.m.380 views

HTTPS Fetch, Linux Command Shell, Bind TCP Inline

Fetch and execute an MIPSLE payload from an HTTPS server. Listen for a connection and spawn a command shell Module Options msf use payload/cmd/linux/https/ppc/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options...

5.8AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2018-1865

Malware in sbrugna...

5.7CVSS5.6AI score0.01045EPSS
Exploits0References3
Metasploit
Metasploit
added 2025/02/20 6:55 p.m.260 views

HTTP Fetch, Linux Command Shell, Find Port Inline

Fetch and execute an PPC64 payload from an HTTP server. Spawn a shell on an established connection Module Options msf use payload/cmd/linux/http/ppc64/shellfindport msf payloadshellfindport show actions ...actions... msf payloadshellfindport set ACTION msf payloadshellfindport show options ...sho...

7.2AI score
Exploits0
Metasploit
Metasploit
added 2025/02/20 6:55 p.m.276 views

HTTP Fetch, Linux Command Shell, Reverse TCP Stager

Fetch and execute an MIPSLE payload from an HTTP server. Spawn a command shell staged. Connect back to the attacker Module Options msf use payload/cmd/linux/http/mipsle/shell/reversetcp msf payloadreversetcp show actions ...actions... msf payloadreversetcp set ACTION msf payloadreversetcp show...

7.3AI score
Exploits0
Metasploit
Metasploit
added 2025/02/20 6:55 p.m.339 views

HTTP Fetch, Linux Execute Command

Fetch and execute an MIPSLE payload from an HTTP server. A very small shellcode for executing commands. This module is sometimes helpful for testing purposes as well as on targets with extremely limited buffer space. Module Options msf use payload/cmd/linux/http/mipsle/exec msf payloadexec show...

7.4AI score
Exploits0
Metasploit
Metasploit
added 2025/02/20 6:55 p.m.266 views

HTTP Fetch

Fetch and execute an AARCH64 payload from an HTTP server. Module Options msf use payload/cmd/linux/http/aarch64/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf payloadmeterpreterreversehttps set ACTION msf payloadmeterpreterreversehttps show options ...sh...

7.2AI score
Exploits0
Metasploit
Metasploit
added 2025/02/20 6:55 p.m.369 views

HTTP Fetch, Linux Command Shell, Reverse TCP Inline

Fetch and execute an PPC64 payload from an HTTP server. Connect back to attacker and spawn a command shell Module Options msf use payload/cmd/linux/http/ppc64/shellreversetcp msf payloadshellreversetcp show actions ...actions... msf payloadshellreversetcp set ACTION msf payloadshellreversetcp sho...

7.3AI score
Exploits0
Metasploit
Metasploit
added 2025/02/20 6:55 p.m.342 views

HTTP Fetch

Fetch and execute an ARMLE payload from an HTTP server. Module Options msf use payload/cmd/linux/http/armle/meterpreterreversetcp msf payloadmeterpreterreversetcp show actions ...actions... msf payloadmeterpreterreversetcp set ACTION msf payloadmeterpreterreversetcp show options ...show and set...

7.2AI score
Exploits0
Metasploit
Metasploit
added 2025/02/20 6:55 p.m.274 views

HTTP Fetch

Fetch and execute an MIPSBE payload from an HTTP server. Module Options msf use payload/cmd/linux/http/mipsbe/meterpreterreversetcp msf payloadmeterpreterreversetcp show actions ...actions... msf payloadmeterpreterreversetcp set ACTION msf payloadmeterpreterreversetcp show options ...show and set...

7.2AI score
Exploits0
Metasploit
Metasploit
added 2025/02/20 6:55 p.m.331 views

HTTP Fetch

Fetch and execute an AARCH64 payload from an HTTP server. Module Options msf use payload/cmd/linux/http/aarch64/meterpreterreversetcp msf payloadmeterpreterreversetcp show actions ...actions... msf payloadmeterpreterreversetcp set ACTION msf payloadmeterpreterreversetcp show options ...show and s...

7.2AI score
Exploits0
Metasploit
Metasploit
added 2025/02/20 6:55 p.m.305 views

HTTP Fetch

Fetch and execute an MIPSLE payload from an HTTP server. Module Options msf use payload/cmd/linux/http/mipsle/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf payloadmeterpreterreversehttps set ACTION msf payloadmeterpreterreversehttps show options ...show...

7.2AI score
Exploits0
Metasploit
Metasploit
added 2025/02/20 6:55 p.m.279 views

HTTP Fetch, Linux Command Shell, Reverse TCP Inline

Fetch and execute an ARMLE payload from an HTTP server. Connect to target and spawn a command shell Module Options msf use payload/cmd/linux/http/armle/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show options ...show a...

7.3AI score
Exploits0
Metasploit
Metasploit
added 2025/02/20 6:55 p.m.258 views

HTTP Fetch

Fetch and execute an ARMLE payload from an HTTP server. Module Options msf use payload/cmd/linux/http/armle/meterpreterreversehttps msf payloadmeterpreterreversehttps show actions ...actions... msf payloadmeterpreterreversehttps set ACTION msf payloadmeterpreterreversehttps show options ...show a...

7.2AI score
Exploits0
Rows per page
Query Builder