Lucene search
+L

1974 matches found

Metasploit
Metasploit
added last week24 views

FTP Fetch, Bind TCP Stager with UUID Support (Windows x86)

Fetch and execute an x86 payload from an FTP server. Listen for a connection with UUID Support Windows x86 Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week33 views

FTP Fetch, Bind IPv6 TCP Stager with UUID Support (Windows x86)

Fetch and execute an x86 payload from an FTP server. Listen for an IPv6 connection with UUID Support Windows x86 Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week20 views

FTP Fetch, Reverse TCP Stager with UUID Support (Windows x64)

Fetch and execute an x64 payload from an FTP server. Connect back to the attacker with UUID Support Windows x64 Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week28 views

FTP Fetch, Bind TCP Stager with UUID Support (Windows x64)

Fetch and execute an x64 payload from an FTP server. Listen for a connection with UUID Support Windows x64 Module Options...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week21 views

FTP Fetch, Reverse TCP Stager with UUID Support

Fetch and execute an x86 payload from an FTP server. Connect back to the attacker with UUID Support Module Options...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week28 views

FTP Fetch, Windows Command Shell, Reverse TCP Stager with UUID Support

Fetch and execute an x86 payload from an FTP server. Spawn a piped command shell staged. Connect back to the attacker with UUID Support Module Options...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week34 views

FTP Fetch, Windows Upload/Execute, Reverse TCP Stager with UUID Support

Fetch and execute an x86 payload from an FTP server. Uploads an executable and runs it staged. Connect back to the attacker with UUID Support Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week22 views

FTP Fetch, Windows x64 Command Shell, Windows x64 IPv6 Bind TCP Stager with UUID Support

Fetch and execute an x64 payload from an FTP server. Spawn a piped command shell Windows x64 staged. Listen for an IPv6 connection with UUID Support Windows x64 Module Options This module requires Metasploit: https://metasploit.com/download Current source:...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week37 views

FTP Fetch, Reverse TCP Stager with UUID Support

Fetch and execute an x86 payload from an FTP server. Connect back to the attacker with UUID Support Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week30 views

FTP Fetch, Windows Command Shell, Reverse UDP Stager with UUID Support

Fetch and execute an x86 payload from an FTP server. Spawn a piped command shell staged. Connect back to the attacker with UUID Support Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week35 views

FTP Fetch, Reverse TCP Stager with UUID Support (Windows x64)

Fetch and execute an x64 payload from an FTP server. Connect back to the attacker with UUID Support Windows x64 Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week23 views

FTP Fetch, Bind TCP Stager with UUID Support (Windows x86)

Fetch and execute an x86 payload from an FTP server. Listen for a connection with UUID Support Windows x86 Module Options...

6.2AI score
Exploits0
Metasploit
Metasploit
added last week15 views

FTP Fetch, Bind IPv6 TCP Stager with UUID Support (Linux x86)

Fetch and execute a x86 payload from an FTP server. Listen for an IPv6 connection with UUID Support Linux x86 Module Options...

6.2AI score
Exploits0
NVD
NVD
added 2026/07/08 3:16 p.m.8 views

CVE-2026-10708

This vulnerability enables large‑scale data harvesting without requiring app‑specific secrets. A single request to a minimal leaderboard component may return user records containing emails, UUIDs, and custom fields. The combination of wildcard CORS behavior, long‑lived twenty‑day JWTs, and the...

7.5CVSS0.00158EPSS
Exploits0References1
CVE
CVE
added 2026/07/08 2:5 p.m.11 views

CVE-2026-10708

CVE-2026-10708 — Summary (Adalo platform) Affected: Adalo’s database API across V1/V2 applications (notably via a minimal leaderboard component). Root cause: Wildcard Cross‑Origin Resource Sharing (CORS), long‑lived JWTs (~20 days) stored client‑side, and absence of token revocation/ownership che...

7.5CVSS6AI score0.00158EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/08 2:5 p.m.35 views

CVE-2026-10708 Insufficiently Protected Credentials

This vulnerability enables large‑scale data harvesting without requiring app‑specific secrets. A single request to a minimal leaderboard component may return user records containing emails, UUIDs, and custom fields. The combination of wildcard CORS behavior, long‑lived twenty‑day JWTs, and the...

0.00158EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/08 12:31 a.m.36 views

CVE-2026-55438 Coder's workspace app CORS origin check can be bypassed via UUID-based subdomain spoofing

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.17, 2.32.7, 2.33.8, and 2.34.2, Coder's subdomain-based workspace app proxy allowed the same-owner CORS check to be bypassed. When a workspace-name subdomain segment parsed as a UUID, the...

5.8CVSS0.00222EPSS
Exploits0References7
CVE
CVE
added 2026/07/07 11:57 p.m.13 views

CVE-2026-55428

CVE-2026-55428 (Coder) describes a route hijack risk in the tailnet coordinator where an agent’s AllowedIPs are not validated against the agent’s authenticated UUID, unlike the Addresses check. The coordinator forwards adversarially supplied AllowedIPs to WireGuard peers, potentially enabling an ...

8.2CVSS6AI score0.00405EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2026/07/07 12:16 a.m.11 views

CVE-2026-53648

FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.1, downloadable product files are stored using a deterministic filename-derived path. When an administrator uploads a file for a downloadable product, FOSSBilling stores the file as md5 under the uploads...

5.1CVSS0.00264EPSS
Exploits0References1
CVE
CVE
added 2026/07/06 11:12 p.m.13 views

CVE-2026-53648

FOSSBilling prior to v0.8.1 stores downloadable product files with a deterministic path md5(), so files with identical names between different products/orders map to the same stored path and can be overwritten by later uploads. This leads to customers/admins downloading the wrong file. Version 0....

5.1CVSS5.9AI score0.00264EPSS
Exploits0References1
Rows per page
Query Builder