3143 matches found
CADA 3S CoDeSys Gateway Server - Directory Traversal Exploit
Exploit for windows platform in category local exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework http://metasploit.com require 'msf/core' class MetasploitModule 'SCADA 3S CoDeSys Gateway Server Directory...
Mozilla Firefox < 17.0.1 - Flash Privileged Code Injection Exploit
Exploit for multiple platform in category local exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule HttpClients::FF, :uaminver = "17.0", :uamaxver = "17.0.1", :javascript ...
MOXA Device Manager Tool 2.1 - Buffer Overflow Exploit
Exploit for windows platform in category local exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MOXA Device Manager Tool 2.1 Buffer Overflow', 'Description' = %q This module exploits a...
OP5 5.3.5 / 5.4.0 / 5.4.2 / 5.5.0 / 5.5.1 - license.php Remote Command Execution Exploit
Exploit for multiple platform in category web applications This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'OP5 license.php Remote Command Execution', 'Description' = %q This...
Malware exploit: Poisonivy
Type: Stack Buffer Overflow Author: Gal Badishi This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Remote::Tcp def...
Malware exploit: Pbot
Type: Remote Code Execution Author: Juan Vasquez This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::Tcp...
C.COM Events CMS 0.1.02 SQL Injection / Authentication Bypass
======================================================================== | Title : C.COM 0.1.02 Events CMS authentication bypass vulnerability | Author : indoushka | email : [email protected] | Tested on: windows 8.1 Français V.Pro | Vendor : http://www.congresalgerie.com/...
Microsoft Windows Authenticated User Code Execution
This module uses a valid administrator username and password or password hash to execute an arbitrary payload. This module is similar to the "psexec" utility provided by SysInternals. This module is now able to clean up after itself. The service created by this tool uses a randomly chosen name an...
Joomla Forms 1.3.1 SQL Injection
======================================================================== | Title : Joomla comforms 1.3.1 Sql injection vulnerability | Author : indoushka | email : [email protected] | Tested on: windows 8.1 Français V.Pro | Vendor : https://github.com/subtext/comforms/blob/master/forms.xml...
NerdyZine 2.0 SQL Injection
======================================================================== | Title : NerdyZine 2.0 SQL Injection vulnerability | Author : indoushka | email : [email protected] | Tested on: windows 8.1 Français V.Pro | Vendor : http://www.nerdyzine.net/...
PCMAN FTP Server 2.0.7 Buffer Overflow
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'PCMAN FTP Server Buffer Overflow - PUT Command', 'Description' = %q This module exploits a buffer overflow vulnerability found ...
PHPLib 7.4 - SQL Injection
PHPLib 7.4 - SQL Injection PHPLib SQL Injection Vendor: PHPLib Product: PHPLib Version: newid=true; $this-name = $this-cookiename==""?$this-classname:$this-cookiename; if "" == $id $this-newid=false; switch $this-mode case "get": $id = isset$HTTPGETVARS$this-name ?...
PHPLib < 7.4 - SQL Injection
PHPLib SQL Injection Vendor: PHPLib Product: PHPLib Version: newid=true; $this-name = $this-cookiename==""?$this-classname:$this-cookiename; if "" == $id $this-newid=false; switch $this-mode case "get": $id = isset$HTTPGETVARS$this-name ?...
phpRPC < 0.7 - Remote Code Execution
phpRPC Remote Code Execution Vendor: Robert Hoffman Product: phpRPC Version: = 0.7 Website: http://sourceforge.net/projects/phprpc/ BID: 16833 CVE: CVE-2006-1032 OSVDB: 23514 SECUNIA: 19028 PACKETSTORM: 44267 Description: phpRPC is meant to be an easy to use xmlrpc library. phpRPC is greatly...
Mambo < 4.5.3h - Multiple Vulnerabilities
Mambo Multiple Vulnerabilities Vendor: Miro International Pty Ltd Product: Mambo Version: = 4.5.3h Website: http://www.mamboserver.com BID: 16775 CVE: CVE-2006-0871 CVE-2006-1794 OSVDB: 23402 23503 23505 SECUNIA: 18935 PACKETSTORM: 44191 Description: Mambo is a popular Open Source Content...
Joomla Subcategory 1.2.15 SQL Injection
| Title : Joomla comsubcategory 1.2.15 SQL Injection Vulnerability | Author : indoushka | email : [email protected] | Tested on: windows 8.1 Français V.Pro | Vendor : http://sh.st/mGzXC ======================================================================== Sql injection :...
IBM Tivoli Storage Manager FastBack Server Opcode 0x534 Denial of Service
This module exploits a denial of service condition present in IBM Tivoli Storage Manager FastBack Server when dealing with packets triggering the opcode 0x534 handler. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework...
PCMAN FTP Server Buffer Overflow - PUT Command
This module exploits a buffer overflow vulnerability found in the PUT command of the PCMAN FTP v2.0.7 Server. This requires authentication but by default anonymous credentials are enabled. This module requires Metasploit: https://metasploit.com/download Current source:...
Legend Perl IRC Bot - Remote Code Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Legend Perl IRC Bot Remote Code Execution', 'Description' = %q This module exploits a remote command execution on the Legend Perl IR...
Legend Perl IRC Bot Remote Code Execution Exploit
This Metasploit module exploits a remote command execution on the Legend Perl IRC Bot . This bot has been used as a payload in the Shellshock spam last October 2014. This particular bot has functionalities like NMAP scanning, TCP, HTTP, SQL, and UDP flooding, the ability to remove system logs, an...