Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

914 matches found

Metasploit
Metasploitadded 2016/12/23 10:10 p.m.27 views

Chromecast Wifi Enumeration

This module enumerates wireless access points through Chromecast. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Chromecast Wifi Enumeration', 'Description' = %q This module enumerates wireles...

7.1AI score
Exploits0
0day.today
0day.todayadded 2016/11/18 12:0 a.m.35 views

PowerShellEmpire Arbitrary File Upload (Skywalker) Exploit

A vulnerability existed in the PowerShellEmpire server prior to commit f030cf62 which would allow an arbitrary file to be written to an attacker controlled location with the permissions of the Empire server. This exploit will write the payload to /tmp/ directory followed by a cron.d file to execu...

7.3AI score
Exploits0
Packet Storm
Packet Stormadded 2016/11/18 12:0 a.m.57 views

PowerShellEmpire Arbitrary File Upload (Skywalker)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'PowerShellEmpire Arbitrary File Upload Skywalker', 'Description' = %q A vulnerability existed in the PowerShellEmpire server...

0.4AI score
Exploits0
Prion
Prionadded 2016/10/31 10:59 a.m.13 views

Design/Logic Flaw

The sendRequest method in HTTPClient Class in file /inc/HTTPClient.php in DokuWiki 2016-06-26a and older, when media file fetching is enabled, has no way to restrict access to private networks. This allows users to scan ports of internal networks via SSRF, such as 10.0.0.1/8, 172.16.0.0/12, and...

4.3CVSS6.8AI score0.0181EPSS
Exploits1References2Affected Software1
UbuntuCve
UbuntuCveadded 2016/10/31 10:59 a.m.38 views

CVE-2016-7964

The sendRequest method in HTTPClient Class in file /inc/HTTPClient.php in DokuWiki 2016-06-26a and older, when media file fetching is enabled, has no way to restrict access to private networks. This allows users to scan ports of internal networks via SSRF, such as 10.0.0.1/8, 172.16.0.0/12, and...

8.6CVSS7.2AI score0.0181EPSS
Exploits1References2
NVD
NVDadded 2016/10/31 10:59 a.m.17 views

CVE-2016-7964

The sendRequest method in HTTPClient Class in file /inc/HTTPClient.php in DokuWiki 2016-06-26a and older, when media file fetching is enabled, has no way to restrict access to private networks. This allows users to scan ports of internal networks via SSRF, such as 10.0.0.1/8, 172.16.0.0/12, and...

8.6CVSS8.5AI score0.0181EPSS
Exploits1References2
OSV
OSVadded 2016/10/31 10:59 a.m.2 views

DEBIAN-CVE-2016-7964

The sendRequest method in HTTPClient Class in file /inc/HTTPClient.php in DokuWiki 2016-06-26a and older, when media file fetching is enabled, has no way to restrict access to private networks. This allows users to scan ports of internal networks via SSRF, such as 10.0.0.1/8, 172.16.0.0/12, and...

8.6CVSS8.7AI score0.0181EPSS
Exploits1References1
OSV
OSVadded 2016/10/31 10:59 a.m.4 views

UBUNTU-CVE-2016-7964

The sendRequest method in HTTPClient Class in file /inc/HTTPClient.php in DokuWiki 2016-06-26a and older, when media file fetching is enabled, has no way to restrict access to private networks. This allows users to scan ports of internal networks via SSRF, such as 10.0.0.1/8, 172.16.0.0/12, and...

8.6CVSS7.2AI score0.0181EPSS
Exploits1References3
Cvelist
Cvelistadded 2016/10/31 10:0 a.m.31 views

CVE-2016-7964

The sendRequest method in HTTPClient Class in file /inc/HTTPClient.php in DokuWiki 2016-06-26a and older, when media file fetching is enabled, has no way to restrict access to private networks. This allows users to scan ports of internal networks via SSRF, such as 10.0.0.1/8, 172.16.0.0/12, and...

8.4AI score0.0181EPSS
Exploits1References2
CVE
CVEadded 2016/10/31 10:0 a.m.57 views

CVE-2016-7964

CVE-2016-7964 affects DokuWiki (

8.6CVSS8.3AI score0.0181EPSS
Exploits1References2Affected Software1
Debian CVE
Debian CVEadded 2016/10/31 10:0 a.m.26 views

CVE-2016-7964

The sendRequest method in HTTPClient Class in file /inc/HTTPClient.php in DokuWiki 2016-06-26a and older, when media file fetching is enabled, has no way to restrict access to private networks. This allows users to scan ports of internal networks via SSRF, such as 10.0.0.1/8, 172.16.0.0/12, and...

8.6CVSS8.5AI score0.0181EPSS
Exploits1
Tenable Nessus
Tenable Nessusadded 2016/10/31 12:0 a.m.63 views

FreeBSD : Axis2 -- Security vulnerabilities on dependency Apache HttpClient (ac18046c-9b08-11e6-8011-005056925db4)

"Apache Axis2 reports : Apache Axis2 1.7.4 is a maintenance release that includes fixes for several issues, including the following security issues : Session fixation AXIS2-4739 and XSS AXIS2-5683 vulnerabilities affecting the admin console. A dependency on an Apache HttpClient version affected b...

5.8CVSS6AI score0.09149EPSS
Exploits1References7
Packet Storm
Packet Stormadded 2016/09/22 12:0 a.m.18 views

Metasploit Web UI Diagnostic Console Command Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Metasploit Web UI Diagnostic Console Command Execution', 'Description' = %q This module exploits the "diagnostic console" featu...

0.2AI score
Exploits0
0day.today
0day.todayadded 2016/07/27 12:0 a.m.40 views

Centreon 2.5.3 - Web Useralias Command Execution (Metasploit)

Exploit for python platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Centreon Web Useralias Command Execution', 'Description' = %q Centreon...

7.1AI score
Exploits0
Exploit DB
Exploit DBadded 2016/06/17 12:0 a.m.27 views

op5 7.1.9 - Configuration Command Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'op5 v7.1.9 Configuration Command Execution', 'Description' = %q op5 an open source network monitoring software. The configurati...

7.4AI score
Exploits0
Packet Storm
Packet Stormadded 2016/06/13 12:0 a.m.30 views

Apache Continuum 1.4.2 Arbitrary Command Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Continuum Arbitrary Command Execution', 'Description' = %q This module exploits a command injection in Apache Continuum 'David Shanahan',...

0.7AI score
Exploits0
Packet Storm
Packet Stormadded 2016/06/09 12:0 a.m.30 views

IPFire proxy.cgi Remote Command Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'IPFire proxy.cgi RCE', 'Description' = %q IPFire, a free linux based open source firewall distribution, version 'h00die ', modu...

Exploits0
Packet Storm
Packet Stormadded 2016/06/03 12:0 a.m.113 views

Magento 2.0.6 Unserialize Remote Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Magento 2.0.6 Unserialize Remote Code Execution', 'Description' = %q This module exploits a PHP object injection vulnerability ...

1AI score0.92869EPSS
Exploits10
0day.today
0day.todayadded 2016/05/09 12:0 a.m.36 views

Ruby on Rails - Development Web Console (v2) Code Execution (Metasploit)

Exploit for ruby platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Ruby on Rails Development Web Console v2 Code Execution', 'Description' =...

7.1AI score
Exploits0
Exploit DB
Exploit DBadded 2016/05/09 12:0 a.m.33 views

Ruby on Rails - Development Web Console (v2) Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Ruby on Rails Development Web Console v2 Code Execution', 'Description' = %q This module exploits a remote code execution featu...

7.4AI score
Exploits0
Rows per page
Query Builder