CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2024/10/01 12:0 a.m.•13 views

Synology DiskStation Manager Cross-site Scripting (CVE-2012-1556)

Cross-site scripting XSS vulnerability in Synology Photo Station 5 for DiskStation Manager DSM 3.2-1955 allows remote attackers to inject arbitrary web script or HTML via the name parameter to photo/photoone.php. This plugin only works with Tenable.ot. Please visit...

4.3CVSS5.9AI score0.03262EPSS

Exploits2References6

Packet Storm•added 2024/09/01 12:0 a.m.•156 views

WordPress DukaPress Plugin File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress DukaPress Plugin File Read Vulnerability', 'Description' = %q This module exploits a directory traversal vulnerability in WordPress...

5CVSS7AI score0.6846EPSS

Exploits6

Packet Storm•added 2024/09/01 12:0 a.m.•154 views

HP SiteScope SOAP Call GetSiteScopeConfiguration Configuration Access

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP SiteScope SOAP Call getSiteScopeConfiguration Configuration Access', 'Description' = %q This module exploits an authentication bypass...

7.4AI score

Packet Storm•added 2024/09/01 12:0 a.m.•173 views

HP Intelligent Management SOM FileDownloadServlet Arbitrary Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP Intelligent Management SOM FileDownloadServlet Arbitrary Download', 'Description' = %q This module exploits a lack of authentication and acces...

5CVSS7.4AI score0.31556EPSS

Packet Storm•added 2024/09/01 12:0 a.m.•149 views

Simple Web Server 2.3-RC1 Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Simple Web Server 2.3-RC1 Directory Traversal', 'Description' = %q This module exploits a directory traversal vulnerability found in Simple Web...

5CVSS7.1AI score0.17772EPSS

Packet Storm•added 2024/09/01 12:0 a.m.•159 views

HP Intelligent Management IctDownloadServlet Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP Intelligent Management IctDownloadServlet Directory Traversal', 'Description' = %q This module exploits a lack of authentication and a directo...

7.5CVSS7AI score0.18464EPSS

Packet Storm•added 2024/09/01 12:0 a.m.•188 views

LiteSpeed Source Code Disclosure/Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LiteSpeed Source Code Disclosure/Download', 'Description' = %q This module exploits a source code disclosure/download vulnerability in versions...

5CVSS7AI score0.60196EPSS

Packet Storm•added 2024/09/01 12:0 a.m.•221 views

Nginx Source Code Disclosure/Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nginx Source Code Disclosure/Download', 'Description' = %q This module exploits a source code disclosure/download vulnerability in versions 0.7 a...

5CVSS7AI score0.71926EPSS

Exploits4

Packet Storm•added 2024/09/01 12:0 a.m.•167 views

HP Intelligent Management FaultDownloadServlet Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP Intelligent Management FaultDownloadServlet Directory Traversal', 'Description' = %q This module exploits a lack of authentication and a...

7.5CVSS7AI score0.21014EPSS

Packet Storm•added 2024/09/01 12:0 a.m.•315 views

Apache Axis2 Brute Force Utility

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/loginscanner/axis2' require 'metasploit/framework/credentialcollection' class MetasploitModule 'Apache Axis2 Brute Force Utility',...

10CVSS7AI score0.89871EPSS

Exploits17

Packet Storm•added 2024/09/01 12:0 a.m.•197 views

Yaws Web Server Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Yaws Web Server Directory Traversal", 'Description' = %q This module exploits a directory traversal bug in Yaws v1.9.1 or less. The module can on...

6.5CVSS7AI score0.16142EPSS

Packet Storm•added 2024/09/01 12:0 a.m.•172 views

SerComm Network Device Backdoor Detection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SerComm Network Device Backdoor Detection', 'Description' = %q This module can identify SerComm manufactured network devices which contain a...

10CVSS7.1AI score0.73825EPSS

Packet Storm•added 2024/09/01 12:0 a.m.•146 views

S40 0.4.2 CMS Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'S40 0.4.2 CMS Directory Traversal Vulnerability', 'Description' = %q This module exploits a directory traversal vulnerability found in S40 CMS. T...

7.4AI score

Packet Storm•added 2024/09/01 12:0 a.m.•194 views

Symantec Messaging Gateway 9.5 Log File Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Symantec Messaging Gateway 9.5 Log File Download Vulnerability', 'Description' = %q This module will download a file of your choice against...

5CVSS7AI score0.5883EPSS

Exploits4

Packet Storm•added 2024/09/01 12:0 a.m.•254 views

Apache ActiveMQ JSP Files Source Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache ActiveMQ JSP Files Source Disclosure', 'Description' = %q This module exploits a source code disclosure in Apache ActiveMQ. The...

5CVSS7.4AI score0.78018EPSS

Exploits6

Packet Storm•added 2024/09/01 12:0 a.m.•211 views

ClanSphere 2011.3 Local File Inclusion

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ClanSphere 2011.3 Local File Inclusion Vulnerability', 'Description' = %q This module exploits a directory traversal flaw found in Clansphere...

7.4AI score

Packet Storm•added 2024/09/01 12:0 a.m.•237 views

ManageEngine Support Center Plus Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "ManageEngine Support Center Plus Directory Traversal", 'Description' = %q This module exploits a directory traversal vulnerability found in...

5CVSS7.1AI score0.59859EPSS

Packet Storm•added 2024/09/01 12:0 a.m.•352 views

X11 No-Auth Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'X11 No-Auth Scanner', 'Description' = %q This module scans for X11 servers that allow anyone to connect without authentication. , 'Author' = 'teb...

7AI score0.20978EPSS