Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
PacketstormRecent
RecentMost viewed

50653 matches found

Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•234 views

Titan FTP Server 6.26.630 SITE WHO Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Titan FTP Server 6.26.630 SITE WHO DoS', 'Description' = %q The Titan FTP server v6.26 build 630 can be DoS'd by issuing "SITE WHO". You need a...

5CVSS7AI score0.64183EPSS
Exploits3
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•164 views

Netgear R7000 Backup.cgi Heap Overflow Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Netgear R7000 backup.cgi Heap Overflow RCE', 'Description' = %q This module exploits a heap buffer overflow in the genie.cgi?backup.cgi page of...

8.8CVSS7AI score0.13718EPSS
Exploits4
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•179 views

WordPress WP EasyCart Plugin Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress WP EasyCart Plugin Privilege Escalation', 'Description' = %q The WordPress WP EasyCart plugin from version 1.1.30 to 3.0.20 allows...

8.8CVSS7AI score0.63767EPSS
Exploits4
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•1415 views

CVE-2023-21554 QueueJumper - MSMQ Remote Code Execution Check

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'bindata' class MetasploitModule 'CVE-2023-21554 - QueueJumper - MSMQ RCE Check', 'Description' = %q This module checks the provided hosts for the CVE-2023-21554...

9.8CVSS7AI score0.91896EPSS
Exploits7
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•199 views

UDP Amplification Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'UDP Amplification Scanner', 'Description' = 'Detect UDP endpoints with UDP amplification vulnerabilities', 'Author' = 'Jon Hart ', 'License' =...

5CVSS7.1AI score0.92136EPSS
Exploits23
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•145 views

OpenSSL DTLS ChangeCipherSpec Remote Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenSSL DTLS ChangeCipherSpec Remote DoS', 'Description' = %q This module performs a Denial of Service Attack against Datagram TLS in OpenSSL...

5CVSS7AI score0.47628EPSS
Exploits9
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•147 views

SolarWinds TFTP Server 10.4.0.10 Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SolarWinds TFTP Server 10.4.0.10 Denial of Service' , 'Description' = %q The SolarWinds TFTP server can be shut down by sending a 'netascii' read...

5CVSS7AI score0.82831EPSS
Exploits3
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•131 views

Microsoft RRAS InterfaceAdjustVLSPointers NULL Dereference

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft RRAS InterfaceAdjustVLSPointers NULL Dereference', 'Description' = %q This module triggers a NULL dereference in svchost.exe on all...

7.4AI score
Exploits0
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•206 views

Splunk __raw Server Info Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Splunk raw Server Info Disclosure ', 'Description' = %q Splunk 6.2.3 through 7.0.1 allows information disclosure by appending...

5.3CVSS7AI score0.92221EPSS
Exploits7
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•204 views

Telisca IPS Lock Cisco IP Phone Control

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Telisca IPS Lock Cisco IP Phone Control', 'Description' = %q This module allows an unauthenticated attacker to exercise the "Lock" and "Unlock"...

7.4AI score
Exploits0
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•210 views

TYPO3 Winstaller Default Encryption Keys

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TYPO3 Winstaller Default Encryption Keys', 'Description' = %q This module exploits known default encryption keys found in the TYPO3 Winstaller...

7.4AI score
Exploits0
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•166 views

Fake DNS Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'resolv' class MetasploitModule 'Fake DNS Service', 'Description' = %q This module provides a DNS service that redirects all queries to a particular address. ,...

7.4AI score
Exploits0
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•1003 views

Windows Secrets Dump

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rubysmb/dcerpc/client' class MetasploitModule Rex::Proto::Kerberos::Crypto::Encryption::DESCBCCRC, 3 = Rex::Proto::Kerberos::Crypto::Encryption::DESCBCMD5, 17 =...

7.4AI score
Exploits0
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•165 views

Brocade Password Hash Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Brocade Password Hash Enumeration', 'Description' = %q This module extracts password hashes from certain Brocade load balancer devices. ,...

7.4AI score
Exploits0
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•284 views

Native DNS Spoofer

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Native DNS Spoofer Example', 'Description' = %q This module provides a Rex based DNS service to resolve queries intercepted via the capture mixin...

7.4AI score
Exploits0
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•147 views

FortiOS Path Traversal Credential Gatherer

frozenstringliteral: true This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FortiOS Path Traversal Credential Gatherer', 'Description' = %q Fortinet FortiOS versions 5.4.6 to 5.4.12, 5.6.3 to 5.6...

7.4AI score
Exploits0
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•169 views

SNMP Windows Username Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SNMP Windows Username Enumeration', 'Description' = ' This module will use LanManager/psProcessUsername OID values to enumerate local user accoun...

7.4AI score
Exploits0
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•149 views

AD CS Certificate Template Management

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'AD CS Certificate Template Management', 'Description' = %q This module can create, read, update, and delete AD CS certificate templates from a...

7.4AI score
Exploits0
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•149 views

Motorola WR850G 4.03 Credentials

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Motorola WR850G v4.03 Credentials', 'Description' = %q Login credentials to the Motorola WR850G router with firmware v4.03 can be obtained via a...

7.5CVSS7.1AI score0.35484EPSS
Exploits2
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•144 views

Pi3Web ISAPI Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Pi3Web ISAPI DoS', 'Description' = %q The Pi3Web HTTP server crashes when a request is made for an invalid DLL file in /isapi for versions 2.0.13...

4.3CVSS7.4AI score0.73687EPSS
Exploits3
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•144 views

IBM Lotus Notes Sametime Room Name Bruteforce

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'enumerable' class MetasploitModule 'IBM Lotus Notes Sametime Room Name Bruteforce', 'Description' = %q This module bruteforces Sametime meeting room names via t...

4.3CVSS7.1AI score0.29135EPSS
Exploits2
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•154 views

IBM Lotus Sametime Version Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'uri' class MetasploitModule Release .+?/i , 'api', 'meeting', /^meeting=.$/i , 'api', 'appshare', /^appshare=.$/i , 'api', 'docshare', /^docshare=.$/i , 'api',...

5CVSS7.1AI score0.37245EPSS
Exploits2
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•148 views

Gather Quake Server Information

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Gather Quake Server Information', 'Description' = %q This module uses the getstatus or getinfo request to obtain information from a Quakeserver. ...

7.4AI score
Exploits0
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•164 views

EMC AlphaStor Library Manager Arbitrary Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'EMC AlphaStor Library Manager Arbitrary Command Execution', 'Description' = %q EMC AlphaStor Library Manager is prone to a remote command-injecti...

10CVSS7AI score0.84999EPSS
Exploits6
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•171 views

Apache Tapestry HMAC secret key leak

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Tapestry HMAC secret key leak', 'Description' = %q This exploit finds the HMAC secret key used in Java serialization by Apache Tapestry...

10CVSS7AI score0.93938EPSS
Exploits5
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•228 views

Metasploit HTTP(S) handler Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Metasploit HTTPS handler DoS', 'Description' = %q This module exploits the Metasploit HTTPS handler by sending a specially crafted HTTP request...

7.5CVSS7.1AI score0.87878EPSS
Exploits2
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•285 views

Control ID IDSecure Authentication Bypass

class MetasploitModule 'Control iD iDSecure Authentication Bypass CVE-2023-6329', 'Description' = %q This module exploits an improper access control vulnerability CVE-2023-6329 in Control iD iDSecure 'Michael Heinzl', MSF Module 'Tenable' Discovery and PoC , 'References' = 'CVE', '2023-6329',...

9.8CVSS7.1AI score0.92487EPSS
Exploits6
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•303 views

Magento XXE Unserialize Arbitrary File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Magento XXE Unserialize Arbitrary File Read', 'Description' = %q This module exploits a XXE vulnerability in Magento 2.4.7-p1 and below which...

9.8CVSS7.2AI score0.94171EPSS
Exploits26
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•195 views

NTP NAK To The Future

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NTP "NAK to the Future"', 'Description' = %q Crypto-NAK packets can be used to cause ntpd to accept time from unauthenticated ephemeral symmetric...

9.8CVSS7AI score0.83579EPSS
Exploits2
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•169 views

Microsoft SQL Server SQL Injection SUSER_SNAME Windows Domain Account Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft SQL Server SQLi SUSERSNAME Windows Domain Account Enumeration', 'Description' = %q This module can be used to bruteforce RIDs associate...

7.4AI score
Exploits0
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•131 views

Oracle DB SQL Injection Via SYS.DBMS_METADATA.GET_XML

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.DBMSMETADATA.GETXML', 'Description' = %q This module will escalate an Oracle DB user to DBA by exploiting a sql...

7.4AI score
Exploits0
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•138 views

Wireshark CAPWAP Dissector Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wireshark CAPWAP Dissector DoS', 'Description' = %q This module injects a malformed UDP packet to crash Wireshark and TShark 1.8.0 to 1.8.7, as...

5CVSS6.9AI score0.32457EPSS
Exploits7
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•227 views

NetBIOS Response BadTunnel Brute Force Spoof (NAT Tunnel)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NetBIOS Response "BadTunnel" Brute Force Spoof NAT Tunnel', 'Description' = %q This module listens for a NetBIOS name request and then continuous...

10CVSS7AI score0.78311EPSS
Exploits2
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•200 views

Oracle TNS Listener SID Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle TNS Listener SID Enumeration', 'Description' = %q This module simply queries the TNS listener for the Oracle SID. With Oracle 9.2.0.8 and...

7.4AI score
Exploits0
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•182 views

Apple TV Video Remote Control

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'uri' class MetasploitModule 'Apple TV Video Remote Control', 'Description' = %q This module plays a video on an AppleTV device. Note that AppleTV can be somewha...

7.4AI score
Exploits0
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•156 views

IBM Lotus Sametime WebPlayer Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IBM Lotus Sametime WebPlayer DoS', 'Description' = %q This module exploits a known flaw in the IBM Lotus Sametime WebPlayer version 8.5.2.1392 an...

4.3CVSS7.1AI score0.39225EPSS
Exploits2
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•172 views

ws Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ws - Denial of Service', 'Description' = %q This module exploits a Denial of Service vulnerability in npm module "ws". By sending a specially...

7.4AI score
Exploits0
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•134 views

Sophos Web Protection Appliance Patience.cgi Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'uri' class MetasploitModule 'Sophos Web Protection Appliance patience.cgi Directory Traversal', 'Description' = %q This module abuses a directory traversal in...

5CVSS7AI score0.8235EPSS
Exploits10
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•186 views

vBulletin /ajax/api/content_infraction/getIndexableContent nodeid Parameter SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'vBulletin /ajax/api/contentinfraction/getIndexableContent nodeid Parameter SQL Injection', 'Description' = %q This module exploits a SQL injectio...

9.8CVSS7AI score0.9382EPSS
Exploits13
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•202 views

Openbravo ERP XXE Arbitrary File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'net/dns' require 'rexml/document' class MetasploitModule 'Openbravo ERP XXE Arbitrary File Read', 'Description' = %q The Openbravo ERP XML API expands external...

3.5CVSS7AI score0.5674EPSS
Exploits3
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•218 views

Microsoft Windows Deployment Services Unattend Retrieval

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Windows Deployment Services Unattend Retrieval', 'Description' = %q This module retrieves the client unattend file from Windows...

7.4AI score
Exploits0
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•144 views

Ruby WEBrick::HTTP::DefaultFileHandler Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ruby WEBrick::HTTP::DefaultFileHandler DoS', 'Description' = %q The WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6...

7.8CVSS7AI score0.7933EPSS
Exploits3
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•152 views

pSnuffle Packet Sniffer

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework dsniff was helping me very often. Too bad that it doesn't work correctly anymore. Psnuffle should bring password sniffing into Metasploit local and if we get lucky even...

7.4AI score
Exploits0
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•193 views

Schneider Modicon Quantum Password Recovery

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Schneider Modicon Quantum Password Recovery', 'Description' = %q The Schneider Modicon Quantum series of Ethernet cards store usernames and...

7.4AI score
Exploits0
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•128 views

AlienVault Authenticated SQL Injection Arbitrary File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "AlienVault Authenticated SQL Injection Arbitrary File Read", 'Description' = %q AlienVault 4.5.0 is susceptible to an authenticated SQL injection...

7.4AI score
Exploits0
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•189 views

Oracle XML DB SID Discovery Via Brute Force

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle XML DB SID Discovery via Brute Force', 'Description' = %q This module attempts to retrieve the sid from the Oracle XML DB httpd server,...

7.4AI score
Exploits0
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•246 views

WordPress WP GDPR Compliance Plugin Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress WP GDPR Compliance Plugin Privilege Escalation', 'Description' = %q The Wordpress GDPR Compliance plugin 'Mikey Veenstra WordFence',...

9.8CVSS7AI score0.91843EPSS
Exploits4
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•264 views

Veritas Backup Exec Windows Remote File Access

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Veritas Backup Exec Windows Remote File Access', 'Description' = %q This module abuses a logic flaw in the Backup Exec Windows Agent to download...

10CVSS7AI score0.79629EPSS
Exploits3
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•148 views

Telpho10 Backup Credentials Dumper

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Telpho10 Backup Credentials Dumper', 'Description' = %q This module exploits a vulnerability present in all versions of Telpho10 telephone system...

7.4AI score
Exploits0
Packet Storm
Packet Storm•added 2024/08/31 12:0 a.m.•147 views

Pimcore Gather Credentials via SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Pimcore Gather Credentials via SQL Injection', 'Description' = %q This module extracts the usernames and hashed passwords of all users of the...

6.5CVSS7AI score0.01507EPSS
Exploits7
Total number of security vulnerabilities50653