Lucene search
+L

20652 matches found

Metasploit
Metasploit
added last week26 views

FTP Fetch, Windows Meterpreter Shell, Reverse TCP Inline (IPv6)

Fetch and execute an x86 payload from an FTP server. Connect back to attacker and spawn a Meterpreter shell. Requires Windows XP SP2 or newer. Module Options...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week27 views

FTP Fetch, Windows x64 IPv6 Bind TCP Stager

Fetch and execute an x64 payload from an FTP server. Listen for an IPv6 connection Windows x64 Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week22 views

FTP Fetch, Windows x64 Command Shell, Windows x64 IPv6 Bind TCP Stager with UUID Support

Fetch and execute an x64 payload from an FTP server. Spawn a piped command shell Windows x64 staged. Listen for an IPv6 connection with UUID Support Windows x64 Module Options This module requires Metasploit: https://metasploit.com/download Current source:...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week28 views

FTP Fetch, Windows shellcode stage, Bind IPv6 TCP Stager with UUID Support (Windows x86)

Fetch and execute an x86 payload from an FTP server. Custom shellcode stage. Listen for an IPv6 connection with UUID Support Windows x86 Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module...

5.4AI score
Exploits0
Metasploit
Metasploit
added last week21 views

FTP Fetch, Windows x64 IPv6 Bind TCP Stager with UUID Support

Fetch and execute an x64 payload from an FTP server. Listen for an IPv6 connection with UUID Support Windows x64 Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...

5.4AI score
Exploits0
Metasploit
Metasploit
added last week19 views

FTP Fetch, Windows x64 IPv6 Bind TCP Stager

Fetch and execute an x64 payload from an FTP server. Listen for an IPv6 connection Windows x64 Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week31 views

FTP Fetch, Windows Upload/Execute, Bind IPv6 TCP Stager with UUID Support (Windows x86)

Fetch and execute an x86 payload from an FTP server. Uploads an executable and runs it staged. Listen for an IPv6 connection with UUID Support Windows x86 Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week14 views

FTP Fetch, Windows shellcode stage, Windows x64 IPv6 Bind TCP Stager

Fetch and execute an x64 payload from an FTP server. Custom shellcode stage. Listen for an IPv6 connection Windows x64 Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week13 views

FTP Fetch, Linux Command Shell, Reverse TCP Inline (IPv6)

Fetch and execute a x86 payload from an FTP server. Connect back to attacker and spawn a command shell over IPv6 Module Options...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week14 views

FTP Fetch, Linux Command Shell, Bind IPv6 TCP Stager (Linux x86)

Fetch and execute a x86 payload from an FTP server. Spawn a command shell staged. Listen for an IPv6 connection Linux x86 Module Options...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week17 views

FTP Fetch, Linux Command Shell, Bind TCP Inline (IPv6)

Fetch and execute a x86 payload from an FTP server. Listen for a connection over IPv6 and spawn a command shell Module Options...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week14 views

FTP Fetch, Linux x64 Command Shell, Reverse TCP Inline (IPv6)

Fetch and execute an x64 payload from an FTP server. Connect back to attacker and spawn a command shell over IPv6 Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...

6.2AI score
Exploits0
CVE
CVE
added last week6 views

CVE-2026-55460

CVE-2026-55460 affects Snipe-IT (IT asset/license management system). Before version 8.6.2, an authenticated non-admin user who had rights users.view and users.edit but not users.delete could directly POST to /users/bulksave with delete_user=1 because BulkUsersController::destroy() authorized onl...

7.1CVSS6.1AI score0.00285EPSS
Exploits1References3Affected Software1
CVE
CVE
added last week10 views

CVE-2026-55472

Snipe-IT (IT asset/license management) prior to version 8.6.2 permits creating a child location under a parent from a different company when Full Multiple Companies Support and scope_locations_fmcs are enabled. The API location creation endpoint detects an invalid parent-child company mismatch bu...

4.3CVSS6.1AI score0.00197EPSS
Exploits0References3Affected Software1
CVE
CVE
added last week8 views

CVE-2026-55478

Snipe-IT (IT asset/license management) has a vulnerability in the Kits API. Before version 8.6.2, POST /api/v1/kits/{kit_id}/licenses validates the caller’s ability to edit kits but does not authorize access to the referenced license object. This allows a low-privilege user with predefined-kit pe...

5.4CVSS6.1AI score0.00175EPSS
Exploits0References3Affected Software1
OSV
OSV
added last week3 views

CVE-2026-55478 Snipe-IT: Missing object-level authorization in Kits API

Snipe-IT is an IT asset/license management system. Prior to 8.6.2, POST /api/v1/kits/kitid/licenses checks whether the caller can edit kits but does not authorize access to the referenced license object, allowing a low-privilege user with predefined-kit permissions to bind a license they should n...

5.3CVSS6.1AI score0.00175EPSS
Exploits0References5
EUVD
EUVD
added last week8 views

EUVD-2026-42985

Snipe-IT is an IT asset/license management system. Prior to 8.6.0, UsersController::update passes a missing permission request field through NormalizePermissionsPayloadAction and PreserveUnauthorizedPrivilegedPermissionsAction in a way that can overwrite a target user’s permissions with a sparse...

7CVSS6.1AI score0.00298EPSS
Exploits0References3
CVE
CVE
added last week13 views

CVE-2026-55843

Snipe-IT (IT asset/license management system) contains a privilege management flaw prior to version 8.6.0 in UsersController::update(), where a missing permission request field is passed through NormalizePermissionsPayloadAction and PreserveUnauthorizedPrivilegedPermissionsAction. This can overwr...

7CVSS6.1AI score0.00298EPSS
Exploits0References3Affected Software1
OSV
OSV
added last week3 views

CVE-2026-55516 Snipe-IT: Cross-company asset maintenance re-parenting via API update

Snipe-IT is an IT asset/license management system. Prior to 8.6.2, PATCH or PUT /api/v1/maintenances/maintenanceid checks access to the current maintenance record and asset but then fills attacker-controlled fields including assetid without re-authorizing the newly supplied asset, allowing an...

7.7CVSS6.1AI score0.00218EPSS
Exploits0References5
CVE
CVE
added last week20 views

CVE-2026-61461

Summary: CVE-2026-61461 affects Dify before 1.16.0-rc1, where the MyScale vector store backend is vulnerable to SQL injection via the search_by_full_text method due to unsanitized, unparameterized search parameters. This can allow an attacker to read, modify, or delete data in the underlying Clic...

8.8CVSS6.3AI score0.00357EPSS
Exploits0References5
Rows per page
Query Builder