1974 matches found
FTP Fetch, Bind TCP Stager with UUID Support (Windows x86)
Fetch and execute an x86 payload from an FTP server. Listen for a connection with UUID Support Windows x86 Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...
FTP Fetch, Bind IPv6 TCP Stager with UUID Support (Windows x86)
Fetch and execute an x86 payload from an FTP server. Listen for an IPv6 connection with UUID Support Windows x86 Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...
FTP Fetch, Reverse TCP Stager with UUID Support (Windows x64)
Fetch and execute an x64 payload from an FTP server. Connect back to the attacker with UUID Support Windows x64 Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...
FTP Fetch, Bind TCP Stager with UUID Support (Windows x64)
Fetch and execute an x64 payload from an FTP server. Listen for a connection with UUID Support Windows x64 Module Options...
FTP Fetch, Reverse TCP Stager with UUID Support
Fetch and execute an x86 payload from an FTP server. Connect back to the attacker with UUID Support Module Options...
FTP Fetch, Windows Command Shell, Reverse TCP Stager with UUID Support
Fetch and execute an x86 payload from an FTP server. Spawn a piped command shell staged. Connect back to the attacker with UUID Support Module Options...
FTP Fetch, Windows Upload/Execute, Reverse TCP Stager with UUID Support
Fetch and execute an x86 payload from an FTP server. Uploads an executable and runs it staged. Connect back to the attacker with UUID Support Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module...
FTP Fetch, Windows x64 Command Shell, Windows x64 IPv6 Bind TCP Stager with UUID Support
Fetch and execute an x64 payload from an FTP server. Spawn a piped command shell Windows x64 staged. Listen for an IPv6 connection with UUID Support Windows x64 Module Options This module requires Metasploit: https://metasploit.com/download Current source:...
FTP Fetch, Reverse TCP Stager with UUID Support
Fetch and execute an x86 payload from an FTP server. Connect back to the attacker with UUID Support Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...
FTP Fetch, Windows Command Shell, Reverse UDP Stager with UUID Support
Fetch and execute an x86 payload from an FTP server. Spawn a piped command shell staged. Connect back to the attacker with UUID Support Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module...
FTP Fetch, Reverse TCP Stager with UUID Support (Windows x64)
Fetch and execute an x64 payload from an FTP server. Connect back to the attacker with UUID Support Windows x64 Module Options This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework module MetasploitModule include...
FTP Fetch, Bind TCP Stager with UUID Support (Windows x86)
Fetch and execute an x86 payload from an FTP server. Listen for a connection with UUID Support Windows x86 Module Options...
FTP Fetch, Bind IPv6 TCP Stager with UUID Support (Linux x86)
Fetch and execute a x86 payload from an FTP server. Listen for an IPv6 connection with UUID Support Linux x86 Module Options...
CVE-2026-10708
This vulnerability enables large‑scale data harvesting without requiring app‑specific secrets. A single request to a minimal leaderboard component may return user records containing emails, UUIDs, and custom fields. The combination of wildcard CORS behavior, long‑lived twenty‑day JWTs, and the...
CVE-2026-10708
CVE-2026-10708 — Summary (Adalo platform) Affected: Adalo’s database API across V1/V2 applications (notably via a minimal leaderboard component). Root cause: Wildcard Cross‑Origin Resource Sharing (CORS), long‑lived JWTs (~20 days) stored client‑side, and absence of token revocation/ownership che...
CVE-2026-10708 Insufficiently Protected Credentials
This vulnerability enables large‑scale data harvesting without requiring app‑specific secrets. A single request to a minimal leaderboard component may return user records containing emails, UUIDs, and custom fields. The combination of wildcard CORS behavior, long‑lived twenty‑day JWTs, and the...
CVE-2026-55438 Coder's workspace app CORS origin check can be bypassed via UUID-based subdomain spoofing
Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.17, 2.32.7, 2.33.8, and 2.34.2, Coder's subdomain-based workspace app proxy allowed the same-owner CORS check to be bypassed. When a workspace-name subdomain segment parsed as a UUID, the...
CVE-2026-55428
CVE-2026-55428 (Coder) describes a route hijack risk in the tailnet coordinator where an agent’s AllowedIPs are not validated against the agent’s authenticated UUID, unlike the Addresses check. The coordinator forwards adversarially supplied AllowedIPs to WireGuard peers, potentially enabling an ...
CVE-2026-53648
FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.1, downloadable product files are stored using a deterministic filename-derived path. When an administrator uploads a file for a downloadable product, FOSSBilling stores the file as md5 under the uploads...
CVE-2026-53648
FOSSBilling prior to v0.8.1 stores downloadable product files with a deterministic path md5(), so files with identical names between different products/orders map to the same stored path and can be overwritten by later uploads. This leads to customers/admins downloading the wrong file. Version 0....