425 matches found
Immunity Canvas: SMBGHOST
Name| SMBGHOST ---|--- CVE| CVE-2020-0796-1 Exploit Pack| CANVAS Description| SMBGHOST Notes| CVE Name: CVE-2020-0796 VENDOR: Microsoft NOTES: some notes here VersionsAffected: VERSIONS Repeatability: None References:...
Immunity Canvas: SMBGHOST_LPE
Name| smbghostlpe ---|--- CVE| CVE-2020-0796 Exploit Pack| CANVAS Description| smbghostlpe Notes| CVE Name: CVE-2020-0796 Notes: Tested: - Windows 10 1903 x64 - Windows 10 1909 x64 VENDOR: Microsoft CVE Url: https://nvd.nist.gov/vuln/detail/CVE-2020-0796 CVSS: 10.0...
Immunity Canvas: SSRS_VIEWSTATE_RCE
Name| ssrsviewstaterce ---|--- CVE| CVE-2020-0618 Exploit Pack| CANVAS Description| ssrsviewstaterce Notes| CVE Name: CVE-2020-0618 VENDOR: Microsoft NOTES: This exploit has been tested on SQL Server 2016 VersionsAffected: VERSIONS Repeatability: Infinite References:...
Immunity Canvas: OWA_RCE
Name| owarce ---|--- CVE| CVE-2020-0688 Exploit Pack| CANVAS Description| owarce Notes| CVE Name: CVE-2020-0688 VENDOR: Microsoft NOTES: This exploit has been tested on Microsoft Exchange Server 2016 CU 15 VersionsAffected: VERSIONS Repeatability: Infinite References:...
Immunity Canvas: ZABBIX
Name| zabbix ---|--- CVE| CVE-2013-3628 Exploit Pack| CANVAS Description| Zabbix = 2.0.8 PHP File inclusion exploit Notes| Repeatability: Infinite VENDOR: Zabbix CVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-3628 CVE Name: CVE-2013-3628...
Immunity Canvas: NETSCALER_TRAVERSAL_RCE
Name| netscalertraversalrce ---|--- CVE| CVE-2019-19781 Exploit Pack| CANVAS Description| netscalertraversalrce Notes| CVE Name: CVE-2019-19781 VENDOR: Citrix NOTES: This version of the module will take care of all our artifacts and will report them just to be safe in case something went wrong...
Immunity Canvas: RCONFIG_AJAXSERVER_RCE
Name| rconfigajaxserverrce ---|--- CVE| CVE-2019-16662 Exploit Pack| CANVAS Description| rconfigajaxserverrce Notes| CVE Name: CVE-2019-16662 VENDOR: rConfig NOTES: The current exploit initializes a tcp server to serve the mosdef callback port 8080 IMPORTANT: In the path textfield you need the pa...
Immunity Canvas: ERROR_REPORTING_LPE
Name| errorreportinglpe ---|--- CVE| CVE-2019-1315 Exploit Pack| CANVAS Description| Windows Error Reporting Manager arbitrary file move LPE Notes| CVE Name: CVE-2019-1315 Notes: Repeatability: Once IMPORTANT: This Local Privilege Escalation exploit module only works without internet conection Th...
Immunity Canvas: VBULLETIN_WIDGET_RCE
Name| vbulletinwidgetrce ---|--- CVE| CVE-2019-16759 Exploit Pack| CANVAS Description| RCE via widgetConfigcode paramater in vBulletin Notes| CVE Name: CVE-2019-16759 VENDOR: vBulletin NOTES: An unauthenticated code execution bug can be exploited on the vBulletin core for the following versions:...
Immunity Canvas: ALPC_APPXEDGE_LPE
Name| alpcappxedgelpe ---|--- CVE| CVE-2019-1253 Exploit Pack| CANVAS Description| ALPC Appx Edge LPE Notes| CVE Name: CVE-2019-1253 Notes: Affected versions: Windows 10 1703 x64 Windows 10 1703 x86 Windows 10 1709 x64 Windows 10 1709 x86 Windows 10 1803 x64 Windows 10 1803 x86 Windows 10 1809 x6...
Immunity Canvas: SNAPD_UID_OVERWRITE
Name| snapduidoverwrite ---|--- CVE| CVE-2019-7304 Exploit Pack| CANVAS Description| snapduidoverwrite Notes| CVE Name: CVE-2019-7304 VENDOR: snapd team NOTES: The snapd service runs as an REST API using a Unix Domain Socket, is possible to send request when the uid is 0 root, the vulnerability i...
Immunity Canvas: ALPC_TAKEOVER_LPE
Name| alpctakeoverlpe ---|--- CVE| CVE-2019-0841 Exploit Pack| CANVAS Description| ALPC Takeover LPE Notes| CVE Name: CVE-2019-0841 NOTES: Works with Medium Integrity Level Tested: - Windows 10 1703 x64 - Windows 10 1709 x64 - Windows 10 1803 x86, x64 - Windows 10 1809 x86, x64 VENDOR: Microsoft...
Immunity Canvas: DDE_CLOSEHANDLE_LPE
Name| ddeclosehandlelpe ---|--- CVE| CVE-2019-0803 Exploit Pack| CANVAS Description| ddeclosehandlelpe Notes| CVE Name: CVE-2019-0803 Notes: Tested: - Windows 7 x64 - Windows 10 x64 1703 VENDOR: Microsoft CVE Url: https://nvd.nist.gov/vuln/detail/CVE-2019-0803 CVSS: 7.8...
Immunity Canvas: MENU_CONFUSION_LPE
Name| menuconfusionlpe ---|--- CVE| CVE-2019-0859 Exploit Pack| CANVAS Description| Menu Confusion LPE Notes| CVE Name: CVE-2019-0859 Notes: Tested: - Windows 7 x64 - Windows 8.1 x64 Untested: - Windows 10 x64 1607 It should work on Windows 10 x64 1607 version but it is untested VENDOR: Microsoft...
Immunity Canvas: CONFLUENCE_MACRO_LFI
Name| confluencemacrolfi ---|--- CVE| CVE-2019-3396 Exploit Pack| CANVAS Description| Confluence Server and Data Center - LFI CVE-2019-3396 Notes| Repeatability: NOTES: A Default behavior =================== By default, this module attempts to automatically locate and then fetch the confluence...
Immunity Canvas: DESTROYCLASS_UAF_LPE
Name| destroyclassuaflpe ---|--- CVE| CVE-2019-0623 Exploit Pack| CANVAS Description| DestroyClass UAF LPE Notes| CVE Name: CVE-2019-0623 Notes: Tested: - Windows 7 x64 VENDOR: Microsoft CVE Url: https://nvd.nist.gov/vuln/detail/CVE-2019-0623 CVSS: 10.0...
Immunity Canvas: DRUPAL_SERVICES_RCE
Name| drupalservicesrce ---|--- CVE| CVE-2019-6340 Exploit Pack| CANVAS Description| CVE-2019-6340 Notes| CVE Name: CVE-2019-6340 VENDOR: Drupal NOTES: An unauthenticated unserialization bug can be exploited on the RESTful Web Services module on the Drupal core for the following versions: 7.X...
Immunity Canvas: ADOBE_FLASH_METADATA_UAF
Name| adobeflashmetadatauaf ---|--- CVE| CVE-2018-15982 Exploit Pack| CANVAS Description| adobeflashmetadatauaf Notes| CVE Name: CVE-2018-15982 VENDOR: Adobe NOTES: In the package com.adobe.tvsdk.mediacore.metadata the setObject method does not set a reference to the key String Object so if we...
Immunity Canvas: JQUERY_FILE_UPLOAD
Name| jqueryfileupload ---|--- CVE| CVE-2018-9206 Exploit Pack| CANVAS Description| Blueimp jQuery-File-Upload Arbitrary Upload Notes| CVE Name: CVE-2018-9206 VENDOR: Notes: The exploit tests different paths on the target server Repeatability: Infinite References:...
Immunity Canvas: SETWINDOWFNID_LPE
Name| setwindowfnidlpe ---|--- CVE| CVE-2018-8453 Exploit Pack| CANVAS Description| SetWindowFNID LPE Notes| CVE Name: CVE-2018-8453 Notes: Tested: - Windows 10 x64 1703 - Windows 10 x64 1709 VENDOR: Microsoft CVE Url: https://nvd.nist.gov/vuln/detail/CVE-2018-8453 CVSS: 7.8...