Lucene search
K
PacketstormRecent

50738 matches found

Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•188 views

Amazon Fire TV YouTube Remote Control

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Amazon Fire TV YouTube Remote Control', 'Description' = %q This module acts as a simple remote control for the Amazon Fire TV's YouTube app. Test...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•264 views

Cambium CnPilot R200/r201 SNMP Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cambium cnPilot r200/r201 SNMP Enumeration', 'Description' = % Cambium cnPilot r200/r201 devices can be administered using SNMP. The device...

8CVSS7.1AI score0.04858EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•200 views

Schneider Modicon Quantum Password Recovery

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Schneider Modicon Quantum Password Recovery', 'Description' = %q The Schneider Modicon Quantum series of Ethernet cards store usernames and...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•207 views

Telisca IPS Lock Cisco IP Phone Control

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Telisca IPS Lock Cisco IP Phone Control', 'Description' = %q This module allows an unauthenticated attacker to exercise the "Lock" and "Unlock"...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•198 views

TYPO3 News Module SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TYPO3 News Module SQL Injection', 'Description' = %q This module exploits a SQL Injection vulnerability In TYPO3 NewsController.php in the news...

9.8CVSS7.4AI score0.48429EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•151 views

Pimcore Gather Credentials via SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Pimcore Gather Credentials via SQL Injection', 'Description' = %q This module extracts the usernames and hashed passwords of all users of the...

6.5CVSS7AI score0.2895EPSS
Exploits7
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•226 views

Solarwinds Orion AccountManagement.asmx GetAccounts Admin Creation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Solarwinds Orion AccountManagement.asmx GetAccounts Admin Creation', 'Description' = %q This module exploits a stacked SQL injection in order to...

7.5CVSS7AI score0.47749EPSS
Exploits8
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•176 views

Memcached Stats Amplification Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Memcached Stats Amplification Scanner', 'Description' = %q This module can be used to discover Memcached servers which expose the unrestricted UD...

7.5CVSS7AI score0.8864EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•144 views

Sysax Multi-Server 6.10 SSHD Key Exchange Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Sysax Multi-Server 6.10 SSHD Key Exchange Denial of Service', 'Description' = %q This module sends a specially-crafted SSH Key Exchange causing t...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•161 views

Android Open Source Platform (AOSP) Browser UXSS

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Android Open Source Platform AOSP Browser UXSS', 'Description' = %q This module exploits a Universal Cross-Site Scripting UXSS vulnerability...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•155 views

Cisco Data Center Network Manager Unauthenticated File Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco Data Center Network Manager Unauthenticated File Download', 'Description' = %q DCNM exposes a servlet to download files on...

9.8CVSS7AI score0.82815EPSS
Exploits8
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•150 views

Ray Static Arbitrary File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ray static arbitrary file read', 'Description' = %q Ray before 2.8.1 is vulnerable to a local file inclusion. , 'Author' = 'byt3bl33d3r ', Python...

7.5CVSS7AI score0.14652EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•410 views

Allen-Bradley/Rockwell Automation EtherNet/IP CIP Commands

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Allen-Bradley/Rockwell Automation EtherNet/IP CIP Commands', 'Description' = %q The EtherNet/IP CIP protocol allows a number of unauthenticated...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•1532 views

Hikvision IP Camera Information Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Unauthenticated information disclosure such as configuration, credentials and camera snapshots of a vulnerable Hikvision IP Camera', 'Description...

10CVSS7AI score0.99998EPSS
Exploits11
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•225 views

Netgear Unauthenticated SOAP Password Extractor

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Netgear Unauthenticated SOAP Password Extractor', 'Description' = %q This module exploits an authentication bypass vulnerability in different...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•446 views

Fortra FileCatalyst Workflow SQL Injection

require 'digest/md5' class MetasploitModule 'Fortra FileCatalyst Workflow SQL Injection CVE-2024-5276', 'Description' = %q This module exploits a SQL injection vulnerability in Fortra FileCatalyst Workflow 'Tenable', Discovery and PoC 'Michael Heinzl' MSF Module , 'References' = 'CVE', '2024-5276...

9.8CVSS7.1AI score0.90067EPSS
Exploits5
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•161 views

NIS bootparamd Domain Name Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NIS bootparamd Domain Name Disclosure', 'Description' = %q This module discloses the NIS domain name from bootparamd. You must know a client...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•213 views

Oracle DB SQL Injection Via DBMS_EXPORT_EXTENSION

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via DBMSEXPORTEXTENSION', 'Description' = %q This module will escalate an Oracle DB user to DBA by exploiting a sql...

4.6CVSS7AI score0.21556EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•132 views

Axigen Arbitrary File Read And Delete

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Axigen Arbitrary File Read and Delete', 'Description' = %q This module exploits a directory traversal vulnerability in the WebAdmin interface of...

6.4CVSS7AI score0.83632EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•364 views

OpenEMR 5.0.1 Patch 6 SQL Injection

require 'csv' This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenEMR 5.0.1 Patch 6 SQLi Dump', 'Description' = ' This module exploits a SQLi vulnerability found in OpenEMR version 5.0.1 Patch ...

9.8CVSS7AI score0.11945EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•166 views

JVC/Siemens/Vanderbilt IP-Camera Readfile Password Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'JVC/Siemens/Vanderbilt IP-Camera Readfile Password Disclosure', 'Description' = %q SIEMENS IP-Camera CVMS2025-IR + CCMS2025, JVC IP-Camera...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•135 views

UoW Pop2d Remote File Retrieval

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'UoW pop2d Remote File Retrieval Vulnerability', 'Description' = %q This module exploits a vulnerability in the FOLD command of the University of...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•265 views

Cisco ASA Authentication Bypass (EXTRABACON)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco ASA Authentication Bypass EXTRABACON', 'Description' = %q This module patches the authentication functions of a Cisco ASA to allow...

8.8CVSS7.2AI score0.87503EPSS
Exploits7
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•147 views

Pi3Web ISAPI Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Pi3Web ISAPI DoS', 'Description' = %q The Pi3Web HTTP server crashes when a request is made for an invalid DLL file in /isapi for versions 2.0.13...

4.3CVSS7.4AI score0.26485EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•164 views

Dolibarr Gather Credentials via SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Dolibarr Gather Credentials via SQL Injection', 'Description' = %q This module enables an authenticated user to collect the usernames and encrypt...

9.8CVSS7AI score0.71242EPSS
Exploits10
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•223 views

WordPress WPLMS Theme Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress WPLMS Theme Privilege Escalation', 'Description' = %q The WordPress WPLMS theme from version 1.5.2 to 1.8.4.1 allows an authenticated...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•217 views

IBM Tivoli Storage Manager FastBack Server Opcode 0x534 Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "IBM Tivoli Storage Manager FastBack Server Opcode 0x534 Denial of Service", 'Description' = %q This module exploits a denial of service condition...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•222 views

Microsoft Windows Deployment Services Unattend Retrieval

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Windows Deployment Services Unattend Retrieval', 'Description' = %q This module retrieves the client unattend file from Windows...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•156 views

SIP Deregister Extension

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SIP Deregister Extension', 'Description' = %q This module will attempt to deregister a SIP user from the provider. It has been tested successfull...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•160 views

Linksys WRT120N TmUnblock Stack Buffer Overflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Linksys WRT120N tmUnblock Stack Buffer Overflow', 'Description' = %q This module exploits a stack-based buffer overflow vulnerability in the...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•240 views

Atlassian Confluence Data Center And Server Authentication Bypass Via Broken Access Control

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Atlassian Confluence Data Center and Server Authentication Bypass via Broken Access Control', 'Description' = %q This module exploits a broken...

10CVSS7.2AI score0.99156EPSS
Exploits39
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•287 views

HP ProCurve SNAC Domain Controller Credential Dumper

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rexml/document' class MetasploitModule 'HP ProCurve SNAC Domain Controller Credential Dumper', 'Description' = %q This module will extract Domain Controller...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•221 views

Drupal OpenID External Entity Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Drupal OpenID External Entity Injection', 'Description' = %q This module abuses an XML External Entity Injection vulnerability on the OpenID modu...

5CVSS7AI score0.15812EPSS
Exploits4
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•172 views

NETGEAR ProSafe Network Management System 300 Authenticated File Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NETGEAR ProSafe Network Management System 300 Authenticated File Download', 'Description' = %q Netgear's ProSafe NMS300 is a network management...

9.6CVSS7.4AI score0.94104EPSS
Exploits6
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•224 views

OpenSSL Heartbeat (Heartbleed) Client Memory Exposure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenSSL Heartbeat Heartbleed Client Memory Exposure', 'Description' = %q This module provides a fake SSL service that is intended to leak memory...

7.5CVSS7.6AI score0.99999EPSS
Exploits87
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•212 views

ISC DHCP Zero Length ClientID Denial of Service Module

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ISC DHCP Zero Length ClientID Denial of Service Module', 'Description' = %q This module performs a Denial of Service Attack against the ISC DHCP...

5CVSS6.9AI score0.76412EPSS
Exploits7
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•152 views

SMBLoris NBSS Denial of Service

!/usr/bin/env ruby require 'socket' require 'metasploit' require 'bindata' class NbssHeader ' , date: '2017-06-29', references: type: 'url', ref: 'https://web.archive.org/web/20170804072329/https://smbloris.com/' , type: 'aka', ref: 'SMBLoris' , type: 'dos', options: rhost: type: 'address',...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•160 views

Cisco IOX XE Unauthenticated Command Line Interface (CLI) Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco IOX XE unauthenticated Command Line Interface CLI execution', 'Description' = %q This module leverages CVE-2023-20198 against vulnerable...

10CVSS7.2AI score0.99571EPSS
Exploits26
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•180 views

MS06-019 Exchange MODPROP Heap Overflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MS06-019 Exchange MODPROP Heap Overflow', 'Description' = %q This module triggers a heap overflow vulnerability in MS Exchange that occurs when...

7.5CVSS7.4AI score0.78679EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•168 views

Solaris KCMS + TTDB Arbitrary File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Solaris KCMS + TTDB Arbitrary File Read', 'Description' = %q This module targets a directory traversal vulnerability in the kcmsserver component...

5CVSS7AI score0.25724EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•194 views

ua-parser-js npm module ReDenial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ua-parser-js npm module ReDoS', 'Description' = %q This module exploits a Regular Expression Denial of Service vulnerability in the npm module...

7.5CVSS7AI score0.09242EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•249 views

WordPress WP GDPR Compliance Plugin Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress WP GDPR Compliance Plugin Privilege Escalation', 'Description' = %q The Wordpress GDPR Compliance plugin 'Mikey Veenstra WordFence',...

9.8CVSS7AI score0.87294EPSS
Exploits4
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•159 views

Huawei Datacard Information Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'base64' class MetasploitModule /./i, 'Serial Number' = /./i, 'IMEI' = /./i, 'IMSI' = /./i, 'ICCID' = /./i, 'Hardware Version' = /./i, 'Software Version' = /./i,...

4.3CVSS7AI score0.06129EPSS
Exploits5
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•184 views

Advantech WebAccess 8.1 Post Authentication Credential Collector

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Advantech WebAccess 8.1 Post Authentication Credential Collector", 'Description' = %q This module allows you to log into Advantech WebAccess 8.1,...

9.8CVSS7AI score0.15356EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•177 views

Joomla weblinks-categories Unauthenticated SQL Injection / Arbtirary File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Joomla weblinks-categories Unauthenticated SQL Injection Arbitrary File Read', 'Description' = %q Joomla versions 3.2.2 and below are vulnerable ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•238 views

Konica Minolta Password Extractor

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Konica Minolta Password Extractor', 'Description' = %q This module will extract FTP and SMB account usernames and passwords from Konica Minolta...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•157 views

Oracle DB Privilege Escalation Via Function-Based Index

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB Privilege Escalation via Function-Based Index', 'Description' = %q This module will escalate an Oracle DB user to DBA by creating a...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•256 views

Windows IIS HTTP Protocol Stack Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Windows IIS HTTP Protocol Stack DOS', 'Description' = %q This module exploits CVE-2021-31166, a UAF bug in http.sys when parsing specially crafte...

9.8CVSS7.4AI score0.99718EPSS
Exploits24
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•218 views

Cisco IOS Telnet Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco IOS Telnet Denial of Service', 'Description' = %q This module triggers a Denial of Service condition in the Cisco IOS telnet service...

10CVSS7.2AI score0.98975EPSS
Exploits12
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•915 views

MS12-020 Microsoft Remote Desktop Checker

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MS12-020 Microsoft Remote Desktop Checker', 'Description' = %q This module checks a range of hosts for the MS12-020 vulnerability. This does not...

9.3CVSS7AI score0.73924EPSS
Exploits11
Total number of security vulnerabilities50738