3143 matches found
Advantech Switch Bash Environment Variable Code Injection
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'Advantech Switch Bash Environment Variable Code Injection Shellshock', 'Description' = %q This module exploits the Shellshock...
Advantech Switch Bash Environment Variable Code Injection Exploit
This Metasploit module exploits the Shellshock vulnerability, a flaw in how the Bash shell handles external environment variables. This Metasploit module targets the 'ping.sh' CGI script, accessible through the Boa web server on Advantech switches. This Metasploit module was tested against firmwa...
Advantech Switch - 'Shellshock' Bash Environment Variable Command Injection (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'Advantech Switch Bash Environment Variable Code Injection Shellshock', 'Description' = %q This module exploits the Shellshock...
Chkrootkit Local Privilege Escalation
Chkrootkit before 0.50 will run any executable file named /tmp/update as root, allowing a trivial privilege escalation. WfsDelay is set to 24h, since this is how often a chkrootkit scan is scheduled by default. This module requires Metasploit: https://metasploit.com/download Current source:...
Idera Up.Time Monitoring Station 7.0 post2file.php Arbitrary File Upload Version 1
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Idera Up.Time Monitoring Station 7.0 post2file.php Arbitrary File Upload', 'Description' = %q This module exploits an arbitrary file...
Idera Up.Time Monitoring Station 7.0 post2file.php Arbitrary File Upload
This module exploits an arbitrary file upload vulnerability found within the Up.Time monitoring server 7.2 and below. A malicious entity can upload a PHP file into the webroot without authentication, leading to arbitrary code execution. Although the vendor fixed Up.Time to prevent this...
Zpanel - Remote Code Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/exploit/phpexe' require 'nokogiri' require 'uri' class Metasploit3 'Zpanel Remote Unauthenticated RCE', 'Description' = %q This modul...
Watermark Master Buffer Overflow (SEH)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Watermark Master Buffer Overflow SEH', 'Description' = %q This module exploits a stack based buffer overflow in Watermark Master...
w3tw0rk / Pitbul IRC Bot Remote Code Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'w3tw0rk / Pitbul IRC Bot Remote Code Execution', 'Description' = %q This module allows remote command execution on the w3tw0rk /...
w3tw0rk / Pitbul IRC Bot Remote Code Execution
This module allows remote command execution on the w3tw0rk / Pitbul IRC Bot. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'w3tw0rk / Pitbul IRC Bot Remote Code Execution', 'Description' = %q...
Pdf Shaper Buffer Overflow
This module requires Metabuffer: http://metabuffer.com/download Current source: https://github.com/rapid7/metabuffer-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank definition: http://dev.metabuffer.com/redmine/projects/framework/wiki/ExploitRanking...
VideoCharge Studio Buffer Overflow (SEH) Exploit
This Metasploit module exploits a stack based buffer overflow in VideoCharge Studio 2.12.3.685 when processing a specially crafted .VSC file. This vulnerability could be exploited by a remote attacker to execute arbitrary code on the target machine by enticing a user of VideoCharge Studio to open...
PDF Shaper Buffer Overflow
This module requires Metabuffer: http://metabuffer.com/download Current source: https://github.com/rapid7/metabuffer-framework require 'msf/core' class Metasploit3 'PDF Shaper Buffer Overflow', 'Description' = %q PDF Shaper is prone to a security vulnerability when processing PDF files. The...
Audio Share 2.0.2 Cross Site Scripting / Remote File Inclusion
| Title : Audio Share v2.0.2 Multi Vulnerability | Author : indoushka | email : [email protected] | Dork : Powered by AudioShareScript.com | Tested on: windows 8.1 Français V.Pro | Download : http://demo.audiosharescript.com/ ======================================= XSS / HTML Inject :...
60+ Vulnerabilities In 22 SOHO Routers
Dear PacketStorm community, we are a group of security researchers doing our IT Security Master's Thesis at Universidad Europea de Madrid. As a part of the dissertation, we have discovered multiple vulnerability issues on the following SOHO routers: 1. Observa Telecom AW4062 2. Comtrend WAP-5813n...
ProFTPD mod_copy command execution
Added: 05/29/2015 CVE: CVE-2015-3306 BID: 74238 OSVDB: 120834 Background ProFTPD is free FTP Server software for Unix and Linux platforms. Problem The modcopy extension, if enabled in ProFTPD, allows unauthenticated attackers to read and write arbitrary files using the SITE CPFR and SITE CPTO...
ProFTPD mod_copy command execution
Added: 05/29/2015 CVE: CVE-2015-3306 BID: 74238 OSVDB: 120834 Background ProFTPD is free FTP Server software for Unix and Linux platforms. Problem The modcopy extension, if enabled in ProFTPD, allows unauthenticated attackers to read and write arbitrary files using the SITE CPFR and SITE CPTO...
WordPress Plugin Simple Photo Gallery 1.7.8 - Blind SQL Injection
WordPress Plugin Simple Photo Gallery 1.7.8 - Blind SQL Injection Exploit Title: Wordpess Simple Photo Gallery Blind SQL Injection Date: 12-05-2015 Exploit Author: woodspeed Vendor Homepage: https://wordpress.org/plugins/simple-photo-gallery/ Version: 1.7.8 Tested on: Apache 2.2.22, PHP 5.3.10...
Lenovo System Update Privilege Escalation
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class Metasploit3 'Lenovo System Update Privilege Escalation', 'Description' = %q The named pipe, \SUPipeServer, can be accessed by normal users to interact with the Syst...
Novell ZENworks Configuration Management Arbitrary File Upload
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Novell ZENworks Configuration Management Arbitrary File Upload', 'Description' = %q This module exploits a file upload vulnerability...