Lucene search
K
PacketstormRecent

50738 matches found

Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•329 views

NETGEAR Administrator Password Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NETGEAR Administrator Password Disclosure', 'Description' = %q This module will collect the password for the admin user. The exploit will not...

8.1CVSS7.2AI score0.89294EPSS
Exploits7
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•331 views

CrushFTP Unauthenticated Arbitrary File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'CrushFTP Unauthenticated Arbitrary File Read', 'Description' = %q This module leverages an unauthenticated server-side template injection...

10CVSS7AI score0.99539EPSS
Exploits22
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•380 views

Android Browser Remote Code Execution Through Google Play Store XFO

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Android Browser RCE Through Google Play Store XFO', 'Description' = %q This module combines two vulnerabilities to achieve remote code execution ...

5.8CVSS7.2AI score0.18278EPSS
Exploits7
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•249 views

ManageEngine Desktop Central Administrator Account Creation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine Desktop Central Administrator Account Creation', 'Description' = %q This module exploits an administrator account creation...

9.8CVSS7.4AI score0.81048EPSS
Exploits8
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•265 views

PhoenixContact PLC Remote START/STOP Command

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'PhoenixContact PLC Remote START/STOP Command', 'Version' = '1', 'Description' = %q PhoenixContact Programmable Logic Controllers are built upon a...

7.5CVSS7AI score0.80689EPSS
Exploits6
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•153 views

Advantech WebAccess DBVisitor.dll ChartThemeConfig SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rexml/document' class MetasploitModule 'Advantech WebAccess DBVisitor.dll ChartThemeConfig SQL Injection', 'Description' = %q This module exploits a SQL injecti...

7.5CVSS7AI score0.19243EPSS
Exploits4
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•175 views

Yokogawa BKBCopyD.exe Client

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Yokogawa BKBCopyD.exe Client', 'Description' = %q This module allows an unauthenticated user to interact with the Yokogawa CENTUM CS3000...

7.5CVSS7AI score0.22543EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•139 views

GE Proficy Cimplicity WebView Substitute.bcl Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'uri' class MetasploitModule 'GE Proficy Cimplicity WebView substitute.bcl Directory Traversal', 'Description' = %q This module abuses a directory traversal in G...

4.3CVSS7AI score0.19111EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•195 views

Wordpress MasterStudy Admin Account Creation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress MasterStudy Admin Account Creation', 'Description' = %q MasterStudy LMS, a WordPress plugin, prior to 2.7.6 is affected by a privilege...

9.8CVSS7.4AI score0.84943EPSS
Exploits8
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•172 views

TrendMicro OfficeScanNT Listener Traversal Arbitrary File Access

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TrendMicro OfficeScanNT Listener Traversal Arbitrary File Access', 'Description' = %q This module tests for directory traversal vulnerability in...

5CVSS7AI score0.20662EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•331 views

WordPress Plugin Automatic Config Change To Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Plugin Automatic Config Change to RCE', 'Description' = %q This module exploits an unauthenticated arbitrary wordpress options change...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•198 views

Netgear R6700v3 Unauthenticated LAN Admin Password Reset

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Netgear R6700v3 Unauthenticated LAN Admin Password Reset', 'Description' = %q This module targets ZDI-20-704 aka CVE-2020-10924, a buffer overflo...

8.8CVSS7AI score0.87343EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•169 views

Cambium CnPilot R200/r201 File Path Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cambium cnPilot r200/r201 File Path Traversal', 'Description' = %q This module exploits a File Path Traversal vulnerability in Cambium cnPilot...

8.8CVSS7.1AI score0.0889EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•157 views

IBM Lotus Sametime WebPlayer Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IBM Lotus Sametime WebPlayer DoS', 'Description' = %q This module exploits a known flaw in the IBM Lotus Sametime WebPlayer version 8.5.2.1392 an...

4.3CVSS7.1AI score0.09279EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•233 views

iOS Safari Denial of Service with CSS

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "iOS Safari Denial of Service with CSS", 'Description' = %q This module exploits a vulnerability in WebKit on Apple iOS. If successful, the device...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•183 views

HP Web JetAdmin 6.5 Server Arbitrary Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP Web JetAdmin 6.5 Server Arbitrary Command Execution', 'Description' = %q This module abuses a command execution vulnerability within the web...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•152 views

Netopia 3347 Cable Modem Wifi Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Netopia 3347 Cable Modem Wifi Enumeration', 'Description' = %q This module extracts WEP keys and WPA preshared keys from certain Netopia cable...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•159 views

Samba lsa_io_privilege_set Heap Overflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Samba lsaioprivilegeset Heap Overflow', 'Description' = %q This module triggers a heap overflow in the LSA RPC service of the Samba daemon. ,...

10CVSS7.1AI score0.77806EPSS
Exploits23
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•201 views

VxWorks WDB Agent Remote Memory Dump

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VxWorks WDB Agent Remote Memory Dump', 'Description' = %q This module provides the ability to dump the system memory of a VxWorks target through...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•124 views

Microsoft SQL Server SQL Injection Escalate Execute AS

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft SQL Server SQLi Escalate Execute AS', 'Description' = %q This module can be used escalate privileges if the IMPERSONATION privilege has...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•217 views

MS02-063 PPTP Malformed Control Data Kernel Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MS02-063 PPTP Malformed Control Data Kernel Denial of Service', 'Description' = %q This module exploits a kernel based overflow when sending...

7.5CVSS7AI score0.50652EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•177 views

VMware VCenter Server Vmdir Authentication Bypass

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMware vCenter Server vmdir Authentication Bypass', 'Description' = %q This module bypasses LDAP authentication in VMware vCenter Server's vmdir...

9.8CVSS7AI score0.90384EPSS
Exploits20
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•163 views

Unitronics PCOM Client

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Unitronics PCOM Client', 'Description' = %q Unitronics Vision PLCs allow unauthenticated PCOM commands to query PLC registers. , 'Author' = 'Luis...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•163 views

Appian Enterprise Business Suite 5.6 SP1 Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Appian Enterprise Business Suite 5.6 SP1 DoS', 'Description' = %q This module exploits a denial of service flaw in the Appian Enterprise Business...

7.8CVSS7.1AI score0.55173EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•166 views

SAP Unauthenticated WebService User Creation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SAP Unauthenticated WebService User Creation', 'Description' = %q This module leverages an unauthenticated web service to submit a job which will...

10CVSS7.2AI score0.94719EPSS
Exploits6
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•281 views

MantisBT Admin SQL Injection Arbitrary File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "MantisBT Admin SQL Injection Arbitrary File Read", 'Description' = %q Versions 1.2.13 through 1.2.16 are vulnerable to a SQL injection attack if ...

6.5CVSS7AI score0.11311EPSS
Exploits8
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•144 views

Microweber CMS 1.2.10 Local File Inclusion (Authenticated)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microweber CMS v1.2.10 Local File Inclusion Authenticated', 'Description' = %q Microweber CMS v1.2.10 has a backup functionality. Upload and...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•306 views

QNAP QTS and Photo Station Local File Inclusion

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'QNAP QTS and Photo Station Local File Inclusion', 'Description' = %q This module exploits a local file inclusion in QNAP QTS and Photo Station th...

9.8CVSS7AI score0.89681EPSS
Exploits11
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•289 views

SysAid Help Desk Arbitrary File Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SysAid Help Desk Arbitrary File Download', 'Description' = %q This module exploits two vulnerabilities in SysAid Help Desk that allows an...

8.5CVSS7AI score0.86643EPSS
Exploits10
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•124 views

FreeBSD Remote NFS RPC Request Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FreeBSD Remote NFS RPC Request Denial of Service', 'Description' = %q This module sends a specially-crafted NFS Mount request causing a kernel...

7.8CVSS7AI score0.64373EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•168 views

Avahi Source Port 0 Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Avahi Source Port 0 DoS', 'Description' = %q Avahi-daemon versions prior to 0.6.24 can be DoS'd with an mDNS packet with a source port of 0. ,...

5CVSS6.9AI score0.59223EPSS
Exploits7
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•176 views

D-Link DIR 645 Password Extractor

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'D-Link DIR 645 Password Extractor', 'Description' = %q This module exploits an authentication bypass vulnerability in DIR 645 'OSVDB', '90733' ,...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•343 views

Postfixadmin Protected Alias Deletion

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Postfixadmin Protected Alias Deletion Vulnerability', 'Description' = %q Postfixadmin installations between 2.91 and 3.0.1 do not check if an adm...

3.5CVSS7AI score0.14953EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•243 views

Zabbix toggle_ids SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Zabbix toggleids SQL Injection', 'Description' = %q This module will exploit a SQL injection in Zabbix 3.0.3 and likely prior in order to save th...

9.8CVSS7AI score0.83284EPSS
Exploits24
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•176 views

Microsoft Windows DNSAPI.dll LLMNR Buffer Underrun Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Windows DNSAPI.dll LLMNR Buffer Underrun DoS', 'Description' = %q This module exploits a buffer underrun vulnerability in Microsoft's...

9.8CVSS7AI score0.63335EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•163 views

vBulletin Password Collector via nodeid SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'vBulletin Password Collector via nodeid SQL Injection', 'Description' = %q This module exploits a SQL injection vulnerability found in vBulletin ...

6.5CVSS7AI score0.27084EPSS
Exploits9
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•177 views

Jasmin Ransomware Web Server Unauthenticated Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Jasmin Ransomware Web Server Unauthenticated Directory Traversal', 'Description' = %q The Jasmin Ransomware web server contains an unauthenticate...

7AI score0.04611EPSS
Exploits7
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•185 views

GitLab Password Reset Account Takeover

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'GitLab Password Reset Account Takeover', 'Description' = 'This module exploits an account-take-over vulnerability that allows users to take contr...

10CVSS7.4AI score0.94955EPSS
Exploits16
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•166 views

AVTECH 744 DVR Account Information Retrieval

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'AVTECH 744 DVR Account Information Retrieval', 'Description' = %q This module will extract the account information from the AVTECH 744 DVR device...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•185 views

WebNMS Framework Server Arbitrary Text File Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WebNMS Framework Server Arbitrary Text File Download', 'Description' = %q This module abuses a vulnerability in WebNMS Framework Server 5.2 that...

7.5CVSS7AI score0.97364EPSS
Exploits11
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•188 views

MS12-020 Microsoft Remote Desktop Use-After-Free Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MS12-020 Microsoft Remote Desktop Use-After-Free DoS', 'Description' = %q This module exploits the MS12-020 RDP vulnerability originally discover...

9.3CVSS7AI score0.73924EPSS
Exploits11
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•165 views

Microsoft Windows SRV.SYS SrvSmbQueryFsInformation Pool Overflow Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Windows SRV.SYS SrvSmbQueryFsInformation Pool Overflow DoS', 'Description' = %q This module exploits a denial of service flaw in the...

10CVSS7.4AI score0.7572EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•195 views

TikiWiki Information Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TikiWiki Information Disclosure', 'Description' = %q A vulnerability has been reported in Tikiwiki, which can be exploited by an anonymous user t...

5CVSS7AI score0.53067EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•249 views

Titan FTP Server 6.26.630 SITE WHO Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Titan FTP Server 6.26.630 SITE WHO DoS', 'Description' = %q The Titan FTP server v6.26 build 630 can be DoS'd by issuing "SITE WHO". You need a...

5CVSS7AI score0.44577EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•209 views

Arris DG950A Cable Modem Wifi Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Arris DG950A Cable Modem Wifi Enumeration', 'Description' = %q This module will extract WEP keys and WPA preshared keys from Arris DG950A cable...

5CVSS7AI score0.17133EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•187 views

FileZilla FTP Server Malformed PORT Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FileZilla FTP Server Malformed PORT Denial of Service', 'Description' = %q This module triggers a Denial of Service condition in the FileZilla FT...

4CVSS7.4AI score0.70297EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•532 views

BIND TSIG Badtime Query Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'BIND TSIG Badtime Query Denial of Service', 'Description' = %q A logic error in code which checks TSIG validity can be used to trigger an asserti...

7.5CVSS7.2AI score0.93422EPSS
Exploits5
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•282 views

MongoDB Ops Manager Diagnostic Archive Sensitive Information Retriever

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'digest/md5' require 'zlib' class MetasploitModule 'MongoDB Ops Manager Diagnostic Archive Sensitive Information Retriever', 'Description' = %q MongoDB Ops Manag...

5.3CVSS7AI score0.00891EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•334 views

BIND TSIG Query Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'BIND TSIG Query Denial of Service', 'Description' = %q A defect in the rendering of messages into packets can cause named to exit with an asserti...

7.8CVSS7.1AI score0.89482EPSS
Exploits7
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•142 views

Oracle DB SQL Injection Via SYS.LT.MERGEWORKSPACE

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.LT.MERGEWORKSPACE', 'Description' = %q This module exploits a sql injection flaw in the MERGEWORKSPACE procedure ...

5.5CVSS7AI score0.4181EPSS
Exploits3
Total number of security vulnerabilities50738