Lucene search
K
PacketstormRecent

50738 matches found

Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.142 views

Gallery WD For Joomla! Unauthenticated SQL Injection Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'uri' class MetasploitModule 'Gallery WD for Joomla! Unauthenticated SQL Injection Scanner', 'Description' = %q This module will scan for Joomla! instances...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.238 views

ES File Explorer Open Port

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ES File Explorer Open Port', 'Description' = %q This module connects to ES File Explorer's HTTP server to run certain commands. The HTTP server i...

8.1CVSS7AI score0.6202EPSS
Exploits8
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.157 views

Oracle Demantra Database Credentials Leak

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle Demantra Database Credentials Leak', 'Description' = %q This module exploits a database credentials leak found in Oracle Demantra 12.2.1 i...

5CVSS6.6AI score0.59558EPSS
Exploits7
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.707 views

IPMI 2.0 RAKP Remote SHA1 Password Hash Retrieval

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IPMI 2.0 RAKP Remote SHA1 Password Hash Retrieval', 'Description' = %q| This module identifies IPMI 2.0-compatible systems and attempts to retrie...

7.8CVSS7AI score0.81802EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.644 views

Microsoft IIS Shortname Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft IIS shortname vulnerability scanner', 'Description' = %q The vulnerability is caused by a tilde character "" in a GET or OPTIONS reques...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.220 views

ClanSphere 2011.3 Local File Inclusion

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ClanSphere 2011.3 Local File Inclusion Vulnerability', 'Description' = %q This module exploits a directory traversal flaw found in Clansphere...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.193 views

LiteSpeed Source Code Disclosure/Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LiteSpeed Source Code Disclosure/Download', 'Description' = %q This module exploits a source code disclosure/download vulnerability in versions...

5CVSS7AI score0.60196EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.279 views

Binom3 Web Management Login Scanner, Config And Password File Dump

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Binom3 Web Management Login Scanner, Config and Password File Dump', 'Description' = % This module scans for Binom3 Multifunctional Revenue Energ...

10CVSS7AI score0.1261EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.201 views

Zabbix Server Brute Force Utility

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/loginscanner/zabbix' require 'metasploit/framework/credentialcollection' class MetasploitModule 'Zabbix Server Brute Force Utility',...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.182 views

DnaLIMS Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'DnaLIMS Directory Traversal', 'Description' = %q This module exploits a directory traversal vulnerability found in dnaLIMS. Due to the way the...

7.5CVSS7.4AI score0.56647EPSS
Exploits10
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.356 views

Total.js Prior To 3.2.4 Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Check and exploit Total.js Directory Traversal CVE-2019-8903 class MetasploitModule 'Total.js prior to 3.2.4 Directory Traversal', 'Description' = %q This module check a...

7.5CVSS7AI score0.72058EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.206 views

Adobe XML External Entity Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Adobe XML External Entity Injection', 'Description' = %q Multiple Adobe Products -- XML External Entity Injection. Affected Software: BlazeDS 3.2...

6.5CVSS7.4AI score0.90012EPSS
Exploits12
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.148 views

Cambium EPMP 1000 Ping Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Cambium ePMP 1000 'ping' Command Injection up to v2.5", 'Description' = % This module exploits an OS Command Injection vulnerability in Cambium...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.568 views

SMTP Open Relay Detection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SMTP Open Relay Detection', 'Description' = %q This module tests if an SMTP server will accept via a code 250 an e-mail by using a variation of...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.250 views

Symantec Messaging Gateway 10 Exposure Of Stored AD Password

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'digest' require "openssl" class MetasploitModule 'Symantec Messaging Gateway 10 Exposure of Stored AD Password Vulnerability', 'Description' = %q This module wi...

7.8CVSS7AI score0.0706EPSS
Exploits6
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.208 views

Wordpress BulletProof Security Backup Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/zip' class MetasploitModule 'Wordpress BulletProof Security Backup Disclosure', 'Description' = %q The Wordpress plugin BulletProof Security, versions 'Ron...

5.3CVSS7.4AI score0.7233EPSS
Exploits7
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.158 views

Oracle Demantra Arbitrary File Retrieval With Authentication Bypass

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle Demantra Arbitrary File Retrieval with Authentication Bypass', 'Description' = %q This module exploits a file download vulnerability found...

5CVSS6.6AI score0.59558EPSS
Exploits7
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.290 views

IPMI 2.0 Cipher Zero Authentication Bypass Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IPMI 2.0 Cipher Zero Authentication Bypass Scanner', 'Description' = %q| This module identifies IPMI 2.0-compatible systems that are vulnerable t...

10CVSS7.1AI score0.26016EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.212 views

SAP CTC Service Verb Tampering User Management

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This module is based on, inspired by, or is a port of a plugin available in the Onapsis Bizploit Opensource ERP Penetration Testing framework -...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.237 views

Bitweaver Overlay_type Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Bitweaver overlaytype Directory Traversal', 'Description' = %q This module exploits a directory traversal vulnerability found in Bitweaver. When...

5CVSS7AI score0.52477EPSS
Exploits9
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.223 views

Jira Users Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Jira Users Enumeration', 'Description' = %q This module exploits an information disclosure vulnerability that allows an unauthenticated user to...

5.3CVSS7AI score0.99603EPSS
Exploits8
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.456 views

Microsoft Azure Active Directory Login Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Azure Active Directory Login Enumeration', 'Description' = %q This module enumerates valid usernames and passwords against a Microsoft...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.605 views

Microsoft IIS HTTP Internal IP Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft IIS HTTP Internal IP Disclosure', 'Description' = %q Collect any leaked internal IPs by requesting commonly redirected locations from...

2.6CVSS7AI score0.76558EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.571 views

Outlook Web App (OWA) Brute Force Utility

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Outlook Web App OWA Brute Force Utility', 'Description' = %q This module tests credentials on OWA 2003, 2007, 2010, 2013, and 2016 servers. ,...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.140 views

SAP /sap/bc/soap/rfc SOAP Service SXPG_COMMAND_EXEC Function Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This module is based on, inspired by, or is a port of a plugin available in the Onapsis Bizploit Opensource ERP Penetration Testing framework -...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.159 views

Syncovery For Linux Web-GUI Session Token Brute-Forcer

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'base64' require 'date' require 'json' require 'metasploit/framework/credentialcollection' require 'metasploit/framework/loginscanner/syncoveryfilesyncbackup'...

9.8CVSS7.1AI score0.05198EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.185 views

Cambium EPMP 1000 Login Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cambium ePMP 1000 Login Scanner', 'Description' = % This module scans for Cambium ePMP 1000 management login portals, and attempts to identify...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.528 views

SMTP User Enumeration Utility

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SMTP User Enumeration Utility', 'Description' = %q The SMTP service has two internal commands that allow the enumeration of users: VRFY confirmin...

7.1AI score
Exploits2
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.188 views

Ray Sharp DVR Password Retriever

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ray Sharp DVR Password Retriever', 'Description' = %q This module takes advantage of a protocol design issue with the Ray Sharp based DVR systems...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.266 views

D-Link User-Agent Backdoor Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'D-Link User-Agent Backdoor Scanner', 'Description' = %q This module attempts to find D-Link devices running Alphanetworks web interfaces affected...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.360 views

Citrix ADC (NetScaler) Directory Traversal Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Citrix ADC NetScaler Directory Traversal Scanner', 'Description' = % This module exploits a directory traversal vulnerability CVE-2019-19781 with...

9.8CVSS7.6AI score0.99999EPSS
Exploits48
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.175 views

WordPress Mobile Edition File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Mobile Edition File Read Vulnerability', 'Description' = %q This module exploits a directory traversal vulnerability in WordPress Plugi...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.192 views

Icingaweb Directory Traversal In Static Library File Requests

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Icingaweb Directory Traversal in Static Library File Requests', 'Description' = %q Icingaweb versions from 2.9.0 to 2.9.5 inclusive, and 2.8.0 to...

7.5CVSS7AI score0.89378EPSS
Exploits8
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.472 views

Wordpress XML-RPC System.multicall Credential Collector

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/credentialcollection' require 'metasploit/framework/loginscanner/wordpressmulticall' class MetasploitModule 'Wordpress XML-RPC...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.156 views

ColoradoFTP Server 1.3 Build 8 Directory Traversal Information Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ColoradoFTP Server 1.3 Build 8 Directory Traversal Information Disclosure', 'Description' = %q This module exploits a directory traversal...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.277 views

SAP BusinessObjects Web User Bruteforcer

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SAP BusinessObjects Web User Bruteforcer', 'Description' = 'This module simply attempts to bruteforce SAP BusinessObjects users by using CmcApp.'...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.267 views

Embedthis GoAhead Embedded Web Server Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Embedthis GoAhead Embedded Web Server Directory Traversal', 'Description' = %q This module exploits a directory traversal vulnerability in the...

7.5CVSS7AI score0.28417EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.521 views

MySQL Authentication Bypass Password Dump

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/proto/mysql/client' class MetasploitModule 'MySQL Authentication Bypass Password Dump', 'Description' = %Q This module exploits a password bypass...

5.1CVSS7AI score0.96188EPSS
Exploits9
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.152 views

Novell ZENworks Asset Management 7.5 Remote File Access

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Novell ZENworks Asset Management 7.5 Remote File Access', 'Description' = %q This module exploits a hardcoded user and password for the GetFile...

7.8CVSS7.1AI score0.44012EPSS
Exploits5
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.458 views

Canon IR-Adv Password Extractor

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Canon IR-Adv Password Extractor', 'Description' = %q This module will extract the passwords from address books on various Canon IR-Adv mfp device...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.193 views

Rosewill RXS-3211 IP Camera Password Retriever

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Rosewill RXS-3211 IP Camera Password Retriever', 'Description' = %q This module takes advantage of a protocol design issue with the Rosewill admi...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.194 views

Cisco Device HTTP Device Manager Access

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco Device HTTP Device Manager Access', 'Description' = %q This module gathers data from a Cisco device router or switch with the device manage...

10CVSS7AI score0.72575EPSS
Exploits6
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.250 views

HP SiteScope SOAP Call GetFileInternal Remote File Access

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP SiteScope SOAP Call getFileInternal Remote File Access', 'Description' = %q This module exploits an authentication bypass vulnerability in HP...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.305 views

Sentry Switched CDU Bruteforce Login Utility

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sentry Switched CDU Bruteforce Login Utility', 'Description' = % This module scans for ServerTech's Sentry Switched CDU Cabinet Power Distributio...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.233 views

Dolibarr ERP/CRM Login Utility

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Dolibarr ERP/CRM Login Utility', 'Description' = %q This module attempts to authenticate to a Dolibarr ERP/CRM's admin web interface, and should...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.236 views

EtherPAD Duo Login Bruteforce Utility

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'EtherPAD Duo Login Bruteforce Utility', 'Description' = % This module scans for EtherPAD Duo login portal, and performs a login bruteforce attack...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.155 views

WANGKONGBAO CNS-1000 And 1100 UTM Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WANGKONGBAO CNS-1000 and 1100 UTM Directory Traversal', 'Description' = %q This module exploits the WANGKONGBAO CNS-1000 and 1100 UTM appliances...

5CVSS7.1AI score0.52267EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.239 views

Titan FTP Administrative Password Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rexml/document' class MetasploitModule 'Titan FTP Administrative Password Disclosure', 'Description' = %q On Titan FTP servers prior to version 9.14.1628, an...

7.2AI score
Exploits2
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.275 views

ThinVNC Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ThinVNC Directory Traversal', 'Description' = %q This module exploits a directory traversal vulnerability in ThinVNC versions 1.0b1 and prior whi...

9.8CVSS7AI score0.96758EPSS
Exploits11
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.197 views

Symantec Messaging Gateway 9.5 Log File Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Symantec Messaging Gateway 9.5 Log File Download Vulnerability', 'Description' = %q This module will download a file of your choice against...

5CVSS7AI score0.5883EPSS
Exploits4
Total number of security vulnerabilities50738