Packetstorm - Page 62 of Packetstorm Vulnerabilities List

Packet Storm•added 2024/08/31 12:0 a.m.•203 views

SysAid Help Desk Database Credentials Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'openssl' class MetasploitModule 'SysAid Help Desk Database Credentials Disclosure', 'Description' = %q This module exploits a vulnerability in SysAid Help Desk...

8.5CVSS7AI score0.88235EPSS

Exploits10

Packet Storm•added 2024/08/31 12:0 a.m.•206 views

D-Link Central WiFiManager SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'csv' require 'digest' class MetasploitModule 'D-Link Central WiFiManager SQL injection', 'Description' = %q This module exploits a SQLi vulnerability found in...

9.8CVSS7AI score0.90075EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•166 views

Ubee DDW3611b Cable Modem Wifi Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ubee DDW3611b Cable Modem Wifi Enumeration', 'Description' = %q This module will extract WEP keys and WPA preshared keys from certain Ubee cable...

Packet Storm•added 2024/08/31 12:0 a.m.•352 views

OpenEMR 5.0.1 Patch 6 SQL Injection

require 'csv' This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenEMR 5.0.1 Patch 6 SQLi Dump', 'Description' = ' This module exploits a SQLi vulnerability found in OpenEMR version 5.0.1 Patch ...

9.8CVSS7AI score0.11666EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•226 views

Supra Smart Cloud TV Remote File Inclusion

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Supra Smart Cloud TV Remote File Inclusion', 'Description' = %q This module exploits an unauthenticated remote file inclusion which exists in Sup...

5.5CVSS7.1AI score0.33135EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•230 views

Jenkins Domain Credential Recovery

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'json' class MetasploitModule 'Jenkins Domain Credential Recovery', 'Description' = %q This module will collect Jenkins domain credentials, and uses the script...

Packet Storm•added 2024/08/31 12:0 a.m.•190 views

XM Easy Personal FTP Server 5.6.0 NLST Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'XM Easy Personal FTP Server 5.6.0 NLST DoS', 'Description' = %q This module is a port of shinnai's script. You need a valid login, but even...

4CVSS7.4AI score0.83067EPSS

Exploits5

Packet Storm•added 2024/08/31 12:0 a.m.•175 views

Xerox Workcentre 5735 LDAP Service Redential Extractor

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Xerox Workcentre 5735 LDAP Service Redential Extractor', 'Description' = %q This module extract the printer's LDAP username and password from Xer...

Packet Storm•added 2024/08/31 12:0 a.m.•217 views

OpenSSL Heartbeat (Heartbleed) Client Memory Exposure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenSSL Heartbeat Heartbleed Client Memory Exposure', 'Description' = %q This module provides a fake SSL service that is intended to leak memory...

7.5CVSS7.6AI score0.94464EPSS

Exploits86

Packet Storm•added 2024/08/31 12:0 a.m.•205 views

Cisco VPN Concentrator 3000 FTP Unauthorized Administrative Access

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco VPN Concentrator 3000 FTP Unauthorized Administrative Access', 'Description' = %q This module tests for a logic vulnerability in the Cisco...

5CVSS7.1AI score0.67665EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•157 views

Cerberus Helpdesk User Hash Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cerberus Helpdesk User Hash Disclosure', 'Description' = %q This module extracts usernames and password hashes from the Cerberus Helpdesk through...

Packet Storm•added 2024/08/31 12:0 a.m.•367 views

HP ILO 4 1.00-2.50 Authentication Bypass Administrator Account Creation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP iLO 4 1.00-2.50 Authentication Bypass Administrator Account Creation', 'Description' = %q This module exploits an authentication bypass in HP...

10CVSS7AI score0.94254EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•273 views

QNAP NAS/NVR Administrator Hash Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'QNAP NAS/NVR Administrator Hash Disclosure', 'Description' = %q This module exploits combined heap and stack buffer overflows for QNAP NAS and NV...

Packet Storm•added 2024/08/31 12:0 a.m.•302 views

ManageEngine ADAudit Plus Xnode Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine ADAudit Plus Xnode Enumeration', 'Description' = %q This module exploits default admin credentials for the DataEngine Xnode server i...

10CVSS9.6AI score0.89808EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•186 views

Jasmin Ransomware Web Server Unauthenticated SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Jasmin Ransomware Web Server Unauthenticated SQL Injection', 'Description' = %q The Jasmin Ransomware web server contains an unauthenticated SQL...

7AI score0.75688EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•428 views

CheckPoint Firewall-1 SecuRemote Topology Service Hostname Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'CheckPoint Firewall-1 SecuRemote Topology Service Hostname Disclosure', 'Description' = %q This module sends a query to the port 264/TCP on...

Packet Storm•added 2024/08/31 12:0 a.m.•123 views

FreeBSD Remote NFS RPC Request Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FreeBSD Remote NFS RPC Request Denial of Service', 'Description' = %q This module sends a specially-crafted NFS Mount request causing a kernel...

7.8CVSS7AI score0.79325EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•202 views

Allen-Bradley's Legacy Protocol (PCCC) Denial Of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "DoS Exploitation of Allen-Bradley's Legacy Protocol PCCC", 'Description' = %q A remote, unauthenticated attacker could send a single, specially...

7.5CVSS7AI score0.09954EPSS

8.5CVSS7AI score0.63489EPSS

RuggedCom Telnet Password Generator

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'RuggedCom Telnet Password Generator', 'Description' = %q This module will calculate the password for the hard-coded hidden username "factory" in...

Exploits8

Packet Storm•added 2024/08/31 12:0 a.m.•154 views

ManageEngine Password Manager SQLAdvancedALSearchResult.cc Pro SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine Password Manager SQLAdvancedALSearchResult.cc Pro SQL Injection', 'Description' = %q ManageEngine Password Manager Pro PMP has an...

6.5CVSS7AI score0.74916EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•216 views

IBM Lotus Notes Sametime User Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'enumerable' class MetasploitModule 'IBM Lotus Notes Sametime User Enumeration', 'Description' = %q This module extracts usernames using the IBM Lotus Notes...

5CVSS7.4AI score0.51751EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•136 views

Dell OpenManage POST Request Heap Overflow (win32)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Dell OpenManage POST Request Heap Overflow win32', 'Description' = %q This module exploits a heap overflow in the Dell OpenManage Web Server...

5CVSS7AI score0.67532EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•223 views

HP Data Protector 6.1 EXEC_CMD Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP Data Protector 6.1 EXECCMD Command Execution', 'Description' = %q This module exploits HP Data Protector's omniinet process, specifically...

10CVSS7AI score0.89891EPSS

Exploits30

Packet Storm•added 2024/08/31 12:0 a.m.•183 views

MS12-020 Microsoft Remote Desktop Use-After-Free Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MS12-020 Microsoft Remote Desktop Use-After-Free DoS', 'Description' = %q This module exploits the MS12-020 RDP vulnerability originally discover...

9.3CVSS7AI score0.87379EPSS

Exploits11

Packet Storm•added 2024/08/31 12:0 a.m.•203 views

Oracle DB SQL Injection In MDSYS.SDO_TOPO_DROP_FTBL Trigger

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection in MDSYS.SDOTOPODROPFTBL Trigger', 'Description' = %q This module will escalate an Oracle DB user to MDSYS by exploiting ...

5.5CVSS7AI score0.51598EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•321 views

WordPress Plugin Automatic Config Change To Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Plugin Automatic Config Change to RCE', 'Description' = %q This module exploits an unauthenticated arbitrary wordpress options change...

Packet Storm•added 2024/08/31 12:0 a.m.•208 views

Oracle DB SQL Injection Via DBMS_EXPORT_EXTENSION

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via DBMSEXPORTEXTENSION', 'Description' = %q This module will escalate an Oracle DB user to DBA by exploiting a sql...

4.6CVSS7AI score0.64254EPSS

Gzip Memory Bomb Denial Of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'zlib' require 'stringio' class MetasploitModule 'Gzip Memory Bomb Denial Of Service', 'Description' = %q This module generates and hosts a 10MB single-round gzi...

Packet Storm•added 2024/08/31 12:0 a.m.•200 views

WebNMS Framework Server Credential Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WebNMS Framework Server Credential Disclosure', 'Description' = %q This module abuses two vulnerabilities in WebNMS Framework Server 5.2 to extra...

9.8CVSS7AI score0.9278EPSS

Exploits12

Packet Storm•added 2024/08/31 12:0 a.m.•158 views

vBulletin Password Collector via nodeid SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'vBulletin Password Collector via nodeid SQL Injection', 'Description' = %q This module exploits a SQL injection vulnerability found in vBulletin ...

6.5CVSS7AI score0.56348EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•182 views

Android Browser Open in New Tab Cookie Theft

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Android Browser "Open in New Tab" Cookie Theft', 'Description' = %q In Android's stock AOSP Browser application and WebView component, the "open ...

Packet Storm•added 2024/08/31 12:0 a.m.•198 views

Netgear PNPX_GetShareFolderList Authentication Bypass

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/credentialcollection' class MetasploitModule 'Netgear PNPXGetShareFolderList Authentication Bypass', 'Description' = %q This module targets...

Packet Storm•added 2024/08/31 12:0 a.m.•549 views

Oracle TNS Listener Checker

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle TNS Listener Checker', 'Description' = %q This module checks the server for vulnerabilities like TNS Poison. Module sends a server a packe...

7.5CVSS7.1AI score0.91411EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•322 views

Apache Tomcat AJP File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/proto/apachejp' class MetasploitModule 'Apache Tomcat AJP File Read', 'Description' = %q When using the Apache JServ Protocol AJP, care must be taken when...

9.8CVSS7.4AI score0.94469EPSS

Exploits44

Misconfigured Certificate Template Finder

class MetasploitModule 'Misconfigured Certificate Template Finder', 'Description' = %q This module allows users to query a LDAP server for vulnerable certificate templates and will print these certificates out in a table along with which attack they are vulnerable to and the SIDs that can be used...

Packet Storm•added 2024/08/31 12:0 a.m.•257 views

Progress MOVEit SFTP Authentication Bypass for Arbitrary File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'net/ssh/transport/session' require 'net/sftp' require 'openssl' class MetasploitModule 'Progress MOVEit SFTP Authentication Bypass for Arbitrary File Read',...

9.8CVSS7.1AI score0.89462EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•163 views

SAP Unauthenticated WebService User Creation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SAP Unauthenticated WebService User Creation', 'Description' = %q This module leverages an unauthenticated web service to submit a job which will...

10CVSS7.2AI score0.94395EPSS

Exploits6

Packet Storm•added 2024/08/31 12:0 a.m.•226 views

Cisco RV320/RV326 Configuration Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco RV320/RV326 Configuration Disclosure', 'Description' = %q A vulnerability in the web-based management interface of Cisco Small Business RV3...

7.5CVSS7.4AI score0.94385EPSS

Exploits19

Packet Storm•added 2024/08/31 12:0 a.m.•380 views

VSFTPD 2.3.2 Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VSFTPD 2.3.2 Denial of Service', 'Description' = %q This module triggers a Denial of Service condition in the VSFTPD server in versions before...

4CVSS6.9AI score0.23946EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•152 views

MantisBT Password Reset

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MantisBT password reset', 'Description' = %q MantisBT before 1.3.10, 2.2.4, and 2.3.1 are vulnerable to unauthenticated password reset. , 'Licens...

8.8CVSS7.4AI score0.92451EPSS

Exploits10

Packet Storm•added 2024/08/31 12:0 a.m.•372 views

Lansweeper Credential Collector

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Lansweeper Credential Collector', 'Description' = %q Lansweeper stores the credentials it uses to scan the computers in its Microsoft SQL databas...

Packet Storm•added 2024/08/31 12:0 a.m.•176 views

GNU Wget FTP Symlink Arbitrary Filesystem Access

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'GNU Wget FTP Symlink Arbitrary Filesystem Access', 'Description' = %q This module exploits a vulnerability in Wget when used in recursive -r mode...

9.3CVSS7.4AI score0.74311EPSS

Exploits4

Packet Storm•added 2024/08/31 12:0 a.m.•382 views

Microsoft IIS 6.0 ASP Stack Exhaustion Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft IIS 6.0 ASP Stack Exhaustion Denial of Service', 'Description' = %q The vulnerability allows remote unauthenticated attackers to force...

4.3CVSS7AI score0.85958EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•196 views

NETGEAR WNR2000v5 Administrator Password Recovery

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'time' class MetasploitModule 'NETGEAR WNR2000v5 Administrator Password Recovery', 'Description' = %q The NETGEAR WNR2000 router has a vulnerability in the way i...

9.8CVSS7AI score0.86619EPSS

Exploits4

Packet Storm•added 2024/08/31 12:0 a.m.•232 views

Regsvr32.exe (.sct) Command Delivery Server

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Regsvr32.exe .sct Command Delivery Server', 'Description' = %q This module uses the Regsvr32.exe Application Whitelisting Bypass technique as a w...

Packet Storm•added 2024/08/31 12:0 a.m.•166 views

TrendMicro OfficeScanNT Listener Traversal Arbitrary File Access

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TrendMicro OfficeScanNT Listener Traversal Arbitrary File Access', 'Description' = %q This module tests for directory traversal vulnerability in...

5CVSS7AI score0.44618EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•183 views

Iomega StorCenter Pro NAS Web Authentication Bypass

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Iomega StorCenter Pro NAS Web Authentication Bypass', 'Description' = %q The Iomega StorCenter Pro Network Attached Storage device web interface...

9.8CVSS7.1AI score0.32334EPSS

7.5CVSS7AI score0.777EPSS

HP Intelligent Management SOM Account Creation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP Intelligent Management SOM Account Creation', 'Description' = %q This module exploits a lack of authentication and access control in HP...