Lucene search
K
PacketstormRecent

50738 matches found

Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•180 views

MS15-134 Microsoft Windows Media Center MCL Information Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'cgi' class MetasploitModule 'MS15-134 Microsoft Windows Media Center MCL Information Disclosure', 'Description' = %q This module exploits a vulnerability found ...

4.3CVSS7.4AI score0.46006EPSS
Exploits7
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•135 views

VMWare Update Manager 4 Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "VMWare Update Manager 4 Directory Traversal", 'Description' = %q This modules exploits a directory traversal vulnerability in VMWare Update Manag...

5CVSS7AI score0.59726EPSS
Exploits7
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•345 views

IBM Data Risk Manager Arbitrary File Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IBM Data Risk Manager Arbitrary File Download', 'Description' = %q IBM Data Risk Manager IDRM contains two vulnerabilities that can be chained by...

10CVSS6.9AI score0.71363EPSS
Exploits10
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•289 views

SuiteCRM Authenticated SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SuiteCRM authenticated SQL injection in export functionality', 'Description' = %q This module exploits an authenticated SQL injection in SuiteCRM...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•242 views

OpenSSL DTLS Fragment Buffer Overflow / Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenSSL DTLS Fragment Buffer Overflow DoS', 'Description' = %q This module performs a Denial of Service Attack against Datagram TLS in OpenSSL...

6.8CVSS7.3AI score0.99977EPSS
Exploits4
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•309 views

Microsoft Word UNC Path Injector

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework Gems for extracting files require 'zip' Project for creating files require 'rex/zip' class MetasploitModule 'Microsoft Word UNC Path Injector', 'Description' = %q This...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•173 views

Oracle DB SQL Injection Via SYS.LT.REMOVEWORKSPACE

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.LT.REMOVEWORKSPACE', 'Description' = %q This module exploits a sql injection flaw in the REMOVEWORKSPACE procedur...

5.5CVSS7AI score0.4181EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•156 views

HTTP Client LAN IP Address Gather

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HTTP Client LAN IP Address Gather', 'Description' = %q This module retrieves a browser's network interface IP addresses using WebRTC. , 'License'...

4.3CVSS7AI score0.30144EPSS
Exploits7
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•231 views

MinIO Bootstrap Verify Information Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MinIO Bootstrap Verify Information Disclosure', 'Description' = %q MinIO is a Multi-Cloud Object Storage framework. In a cluster deployment...

7.5CVSS7.3AI score0.83957EPSS
Exploits13
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•129 views

Oracle Account Discovery

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'csv' class MetasploitModule 'Oracle Account Discovery', 'Description' = %q This module uses a list of well known default authentication credentials to discover...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•159 views

Microsoft SQL Server Escalate Db_Owner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft SQL Server Escalate DbOwner', 'Description' = %q This module can be used to escalate privileges to sysadmin if the user has the dbowner...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•175 views

Solaris LPD Arbitrary File Delete

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Solaris LPD Arbitrary File Delete', 'Description' = %q This module uses a vulnerability in the Solaris line printer daemon to delete arbitrary...

5CVSS7AI score0.29182EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•213 views

IBM Notes encodeURI Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "IBM Notes encodeURI DOS", 'Description' = %q This module exploits a vulnerability in the native browser that comes with IBM Lotus Notes. If...

6.5CVSS7AI score0.30074EPSS
Exploits11
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•163 views

Gather Kademlia Server Information

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Gather Kademlia Server Information', 'Description' = %q This module uses the Kademlia BOOTSTRAP and PING messages to identify and extract...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•162 views

Oracle DB SQL Injection Via SYS.DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.DBMSCDCSUBSCRIBE.ACTIVATESUBSCRIPTION', 'Description' = %q This module will escalate an Oracle DB user to DBA by...

7.5CVSS7.1AI score0.41051EPSS
Exploits4
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•204 views

Allen-Bradley's Legacy Protocol (PCCC) Denial Of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "DoS Exploitation of Allen-Bradley's Legacy Protocol PCCC", 'Description' = %q A remote, unauthenticated attacker could send a single, specially...

7.5CVSS7AI score0.22182EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•153 views

F5 BigIP Access Policy Manager Session Exhaustion Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'F5 BigIP Access Policy Manager Session Exhaustion Denial of Service', 'Description' = %q This module exploits a resource exhaustion denial of...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•151 views

Gather Steam Server Information

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Gather Steam Server Information', 'Description' = %q This module uses the A2SINFO request to obtain information from a Steam server. , 'Author' =...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•301 views

Netlogon Weak Cryptographic Authentication

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'windowserror' class MetasploitModule 'Netlogon Weak Cryptographic Authentication', 'Description' = %q A vulnerability exists within the Netlogon authentication...

10CVSS7.7AI score0.99512EPSS
Exploits75
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•249 views

ManageEngine Multiple Products Arbitrary File Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine Multiple Products Arbitrary File Download', 'Description' = %q This module exploits an arbitrary file download vulnerability in the...

7.5CVSS7AI score0.83399EPSS
Exploits11
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•171 views

2Wire Cross-Site Request Forgery Password Reset

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "2Wire Cross-Site Request Forgery Password Reset Vulnerability", 'Description' = %q This module will reset the admin password on a 2Wire wireless...

4.3CVSS7.1AI score0.09203EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•207 views

Oracle DB SQL Injection In MDSYS.SDO_TOPO_DROP_FTBL Trigger

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection in MDSYS.SDOTOPODROPFTBL Trigger', 'Description' = %q This module will escalate an Oracle DB user to MDSYS by exploiting ...

5.5CVSS7AI score0.32434EPSS
Exploits7
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•214 views

Cisco VPN Concentrator 3000 FTP Unauthorized Administrative Access

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco VPN Concentrator 3000 FTP Unauthorized Administrative Access', 'Description' = %q This module tests for a logic vulnerability in the Cisco...

5CVSS7.1AI score0.12101EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•151 views

Dopewars Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Dopewars Denial of Service', 'Description' = %q The jet command in Dopewars 1.5.12 is vulnerable to a segmentation fault due to a lack of input...

5CVSS7AI score0.52844EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•159 views

Microsoft SRV2.SYS SMB2 Logoff Remote Kernel NULL Pointer Dereference

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft SRV2.SYS SMB2 Logoff Remote Kernel NULL Pointer Dereference', 'Description' = %q This module triggers a NULL pointer dereference in the...

10CVSS7AI score0.90121EPSS
Exploits20
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•214 views

NTP Mode 6 UNSETTRAP DRDoS Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NTP Mode 6 UNSETTRAP DRDoS Scanner', 'Description' = %q This module identifies NTP servers which permit mode 6 UNSETTRAP requests that can be use...

5CVSS6.7AI score0.97549EPSS
Exploits23
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•172 views

Internet Explorer Iframe Sandbox File Name Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Internet Explorer Iframe Sandbox File Name Disclosure Vulnerability', 'Description' = %q It was found that Internet Explorer allows the disclosur...

2.5CVSS7AI score0.35331EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•142 views

Oracle DB SQL Injection Via SYS.DBMS_CDC_PUBLISH.CREATE_CHANGE_SET

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.DBMSCDCPUBLISH.CREATECHANGESET', 'Description' = %q The module exploits an sql injection flaw in the...

4.9CVSS7AI score0.09736EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•215 views

Microsoft SRV.SYS WriteAndX Invalid DataOffset

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft SRV.SYS WriteAndX Invalid DataOffset', 'Description' = %q This module exploits a denial of service vulnerability in the SRV.SYS driver ...

7.1CVSS7.4AI score0.49275EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•204 views

WebNMS Framework Server Credential Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WebNMS Framework Server Credential Disclosure', 'Description' = %q This module abuses two vulnerabilities in WebNMS Framework Server 5.2 to extra...

9.8CVSS7AI score0.97364EPSS
Exploits12
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•168 views

Brocade Password Hash Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Brocade Password Hash Enumeration', 'Description' = %q This module extracts password hashes from certain Brocade load balancer devices. ,...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•190 views

TYPO3 Sa-2010-020 Remote File Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TYPO3 sa-2010-020 Remote File Disclosure', 'Description' = %q This module exploits a flaw in the way the TYPO3 jumpurl feature matches hashes. Du...

7.1CVSS7AI score0.24558EPSS
Exploits7
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•408 views

Ruby On Rails File Content Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Ruby On Rails File Content Disclosure 'doubletap'", 'Description' = %q This module uses a path traversal vulnerability in Ruby on Rails versions ...

7.5CVSS7AI score0.98507EPSS
Exploits18
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•278 views

Veritas Backup Exec Windows Remote File Access

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Veritas Backup Exec Windows Remote File Access', 'Description' = %q This module abuses a logic flaw in the Backup Exec Windows Agent to download...

10CVSS7AI score0.87026EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•167 views

Juniper JunOS Malformed TCP Option

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Juniper JunOS Malformed TCP Option', 'Description' = %q This module exploits a denial of service vulnerability in Juniper Network's JunOS router...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•406 views

WordPress Google Maps Plugin SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Google Maps Plugin SQL Injection', 'Description' = %q This module exploits a SQL injection vulnerability in a REST endpoint registered ...

9.8CVSS7.4AI score0.78699EPSS
Exploits6
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•348 views

Cambium EPMP 1000 SNMP Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cambium ePMP 1000 SNMP Enumeration', 'Description' = % Cambium devices ePMP, PMP, Force, & others can be administered using SNMP. The device...

7.6CVSS7AI score0.09639EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•234 views

Chargen Probe Utility

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Chargen Probe Utility', 'Description' = %q Chargen is a debugging and measurement tool and a character generator service. A character generator...

7AI score0.1463EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•253 views

WordPress Symposium Plugin SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Symposium Plugin SQL Injection', 'Description' = %q This module exploits a SQL injection vulnerability in the WP Symposium plugin befor...

7.5CVSS7.4AI score0.74127EPSS
Exploits5
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•258 views

Victory FTP Server 5.0 LIST Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Victory FTP Server 5.0 LIST DoS', 'Description' = %q The Victory FTP Server v5.0 can be brought down by sending a very simple LIST command ,...

5CVSS7.4AI score0.46309EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•332 views

Intersil (Boa) HTTPd Basic Authentication Password Reset

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Intersil Boa HTTPd Basic Authentication Password Reset', 'Description' = %q The Intersil extension in the Boa HTTP Server 0.93.x - 0.94.11 allows...

10CVSS7.4AI score0.68168EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•188 views

DarkComet Server Remote File Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'DarkComet Server Remote File Download Exploit', 'Description' = %q This module exploits an arbitrary file download vulnerability in the DarkComet...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•207 views

MS15-018 Microsoft Internet Explorer 10 and 11 Cross-Domain JavaScript Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "MS15-018 Microsoft Internet Explorer 10 and 11 Cross-Domain JavaScript Injection", 'Description' = %q This module exploits a universal cross-site...

4.3CVSS7AI score0.71698EPSS
Exploits5
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•306 views

ManageEngine DataSecurity Plus Xnode Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine DataSecurity Plus Xnode Enumeration', 'Description' = %q This module exploits default admin credentials for the DataEngine Xnode...

10CVSS9.6AI score0.77477EPSS
Exploits7
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•253 views

Oracle DB SQL Injection Via SYS.LT.FINDRICSET Evil Cursor Method

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.LT.FINDRICSET Evil Cursor Method', 'Description' = %q This module will escalate an Oracle DB user to DBA by...

6.5CVSS7AI score0.31758EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•189 views

HP Operations Manager Perfd Environment Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP Operations Manager Perfd Environment Scanner', 'Description' = %q This module will enumerate the process list of a remote machine by abusing H...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•179 views

Cisco IOS HTTP GET /%% Request Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco IOS HTTP GET /%% Request Denial of Service', 'Description' = %q This module triggers a Denial of Service condition in the Cisco IOS HTTP...

7.1CVSS7AI score0.35005EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•323 views

Allegro Software RomPager Misfortune Cookie (CVE-2014-9222) Authentication Bypass

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Allegro Software RomPager 'Misfortune Cookie' CVE-2014-9222 Authentication Bypass", 'Description' = %q This module exploits HTTP servers that...

10CVSS7AI score0.63748EPSS
Exploits12
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•170 views

WordPress Long Password Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Long Password DoS', 'Description' = %qWordPress before 3.7.5, 3.8.x before 3.8.5, 3.9.x before 3.9.3, and 4.x before 4.0.1 allows remot...

5CVSS6.9AI score0.83162EPSS
Exploits7
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•501 views

MS17-010 EternalRomance/EternalSynergy/EternalChampion SMB Remote Windows Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MS17-010 EternalRomance/EternalSynergy/EternalChampion SMB Remote Windows Command Execution', 'Description' = %q This module will exploit SMB wit...

9.3CVSS7.4AI score0.99693EPSS
Exploits52
Total number of security vulnerabilities50738