CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

914 matches found

Metasploit•added 2012/02/16 8:19 a.m.•12 views

VMWare Enumerate Permissions

This module will log into the Web API of VMWare and try to enumerate all the user/group permissions. Unlike enum users this is only users and groups that specifically have permissions defined within the VMware product This module requires Metasploit: https://metasploit.com/download Current source...

7.2AI score

Exploits0

Metasploit•added 2012/02/13 6:5 p.m.•27 views

VMWare Web Login Scanner

This module attempts to authenticate to the VMWare HTTP service for VmWare Server, ESX, and ESXI This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMWare Web Login Scanner', 'Description' = 'This...

7.5CVSS0.5AI score0.51933EPSS

Exploits41

Metasploit•added 2011/12/08 12:42 a.m.•22 views

Yaws Web Server Directory Traversal

This module exploits a directory traversal bug in Yaws v1.9.1 or less. The module can only be used to retrieve files. However, code execution might be possible. Because when the malicious user sends a PUT request, a file is actually created, except no content is written. This module requires...

6.5CVSS6.8AI score0.16142EPSS

Exploits3

0day.today•added 2011/12/07 12:0 a.m.•28 views

Family Connections less.php Remote Command Execution

Exploit for php platform in category web applications This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

7.1AI score

Exploits0

Exploit DB•added 2011/10/25 12:0 a.m.•43 views

phpLDAPadmin 1.2.1.1 - Remote PHP Code Injection (Metasploit) (2)

$Id: phpldapadminqueryengine.rb 14060 2011-10-25 05:25:39Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

7.4AI score

Exploits0

Packet Storm•added 2011/10/10 12:0 a.m.•33 views

Spreecommerce 0.60.1 Arbitrary Command Execution

$Id: spreesearchexec.rb 13831 2011-10-07 17:45:15Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

0.8AI score

Exploits0

Packet Storm•added 2011/08/21 12:0 a.m.•46 views

Oracle Secure Backup Authentication Bypass/Command Injection Vulnerability

$Id: osbunamejlist.rb 13591 2011-08-19 18:35:29Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

5CVSS0.5AI score0.5156EPSS

Exploits6

Metasploit•added 2011/08/19 6:35 p.m.•53 views

Oracle Secure Backup Authentication Bypass/Command Injection Vulnerability

This module exploits an authentication bypass vulnerability in login.php. In conjunction with the authentication bypass issue, the 'jlist' parameter in propertybox.php can be used to execute arbitrary system commands. This module was tested against Oracle Secure Backup version 10.3.0.1.0 This...

5CVSS1AI score0.5156EPSS

Exploits6

0day.today•added 2011/07/28 12:0 a.m.•55 views

Joomla 1.5 com_virtuemart <= 1.1.7 Blind time-based SQL Injection (MSF)

Exploit for php platform in category web applications Exploit Title: Joomla 1.5 comvirtuemart 'Joomla 1.5 VirtueMart Component %q A vulnerability was discovered by Rocco Calvi and Steve Seeley which identifies unauthenticated time-based blind SQL injection in the "page" variable of the virtuemart...

7.1AI score

Exploits0

Exploit DB•added 2011/07/28 12:0 a.m.•46 views

Joomla! Component com_virtuemart 1.1.7/1.5 - Blind SQL Injection (Metasploit)

Exploit Title: Joomla 1.5 comvirtuemart 'Joomla 1.5 VirtueMart Component %q A vulnerability was discovered by Rocco Calvi and Steve Seeley which identifies unauthenticated time-based blind SQL injection in the "page" variable of the virtuemart component. This vulnerability allows an attacker to...

7.4AI score

Exploits0

Metasploit•added 2011/07/16 5:14 a.m.•40 views

HP OpenView Network Node Manager Toolbar.exe CGI Cookie Handling Buffer Overflow

This module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.0 and 7.53. By sending a CGI request with a specially OvOSLocale cookie to Toolbar.exe, an attacker may be able to execute arbitrary code. Please note that this module only works against a specific build i.e. NNM...

7.5CVSS8AI score0.7494EPSS

Exploits11

OpenVAS•added 2011/07/12 12:0 a.m.•28 views

Fedora Update for httpcomponents-client FEDORA-2011-7747

Check for the Version of httpcomponents-client OpenVAS Vulnerability Test Fedora Update for httpcomponents-client FEDORA-2011-7747 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...

4.3CVSS8.7AI score0.06685EPSS

Exploits0References2

OSV•added 2011/07/07 9:55 p.m.•9 views

CVE-2011-1498

Apache HttpClient 4.x before 4.1.1 in Apache HttpComponents, when used with an authenticating proxy server, sends the Proxy-Authorization header to the origin server, which allows remote web servers to obtain sensitive information by logging this header...

5.9AI score

Exploits0References14

NVD•added 2011/07/07 9:55 p.m.•21 views

CVE-2011-1498

4.3CVSS8.7AI score0.06685EPSS

Exploits0References14

UbuntuCve•added 2011/07/07 9:55 p.m.•37 views

CVE-2011-1498

4.3CVSS6.9AI score0.06685EPSS

Exploits0References2

CVE•added 2011/07/07 9:0 p.m.•124 views

CVE-2011-1498

CVE-2011-1498 : Apache HttpClient (HttpComponents) 4.x release before 4.1.1 is vulnerable when used with an authenticating proxy; the Proxy-Authorization header is sent to the origin server, potentially logging sensitive credentials and exposing passwords. The description does not specify affecte...

4.3CVSS8.2AI score0.06685EPSS

Exploits0References14Affected Software1

0day.today•added 2011/06/06 12:0 a.m.•31 views

Kleophatra v0.1.5 'TinyBrowser' File Upload Code Execution (meta)

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

7.1AI score

Exploits0

Packet Storm•added 2011/06/04 12:0 a.m.•38 views

Kleophatra 0.1.5 TinyBrowser File Upload Code Execution

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

7.4AI score

Exploits0

0day.today•added 2011/04/22 12:0 a.m.•31 views

Spreecommerce < 0.50.0 Arbitrary Command Execution

Exploit for unix platform in category remote exploits $Id: spreesearchlogicexec.rb 12397 2011-04-21 19:38:42Z swtornio $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more informatio...

7.1AI score

Exploits0

Packet Storm•added 2011/03/23 12:0 a.m.•37 views

HP NNM CGI webappmon.exe OvJavaLocale Buffer Overflow

$Id: hpnnmwebappmonovjavalocale.rb 12087 2011-03-23 03:39:12Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

9.3CVSS0.7AI score0.42261EPSS

Exploits10

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by