Lucene search
K
PacketstormRecent

50738 matches found

Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•160 views

Nuuo Central Management Server Authenticated Arbitrary File Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nuuo Central Management Server Authenticated Arbitrary File Download', 'Description' = %q The Nuuo Central Management Server allows an...

9.8CVSS7AI score0.19653EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•165 views

Satel Iberia SenNet Data Logger And Electricity Meters Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Satel Iberia SenNet Data Logger and Electricity Meters Command Injection Vulnerability', 'Description' = %q This module exploits an OS Command...

9CVSS7.1AI score0.15538EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•163 views

Microsoft SQL Server SQL Injection Escalate Db_Owner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft SQL Server SQLi Escalate DbOwner', 'Description' = %q This module can be used to escalate SQL Server user privileges to sysadmin throug...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•390 views

Veritas Backup Exec Server Registry Access

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Veritas Backup Exec Server Registry Access', 'Description' = %q This modules exploits a remote registry access flaw in the BackupExec Windows...

10CVSS7AI score0.54155EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•146 views

Memcached Remote Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Memcached Remote Denial of Service', 'Description' = %q This module sends a specially-crafted packet to cause a segmentation fault in memcached...

5CVSS6.9AI score0.22317EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•293 views

Piwigo CVE-2023-26876 Gather Credentials via SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Piwigo CVE-2023-26876 Gather Credentials via SQL Injection ', 'Description' = %q This module allows an authenticated user to retrieve the usernam...

8.8CVSS7AI score0.09725EPSS
Exploits5
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•176 views

HP Intelligent Management SOM Account Creation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP Intelligent Management SOM Account Creation', 'Description' = %q This module exploits a lack of authentication and access control in HP...

7.5CVSS7AI score0.23927EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•316 views

Samba read_nttrans_ea_list Integer Overflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/struct2' class MetasploitModule 'Samba readnttransealist Integer Overflow', 'Description' = %q Integer overflow in the readnttransealist function in nttrans...

5CVSS7AI score0.69008EPSS
Exploits7
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•183 views

Canon Wireless Printer Denial Of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Canon Wireless Printer Denial Of Service', 'Description' = %q The HTTP management interface on several models of Canon Wireless printers allows f...

5CVSS7AI score0.15641EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•254 views

Regsvr32.exe (.sct) Command Delivery Server

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Regsvr32.exe .sct Command Delivery Server', 'Description' = %q This module uses the Regsvr32.exe Application Whitelisting Bypass technique as a w...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•254 views

Oracle DB 10gR2, 11gR1/R2 DBMS_JVM_EXP_PERMS OS Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB 10gR2, 11gR1/R2 DBMSJVMEXPPERMS OS Command Execution', 'Description' = %q This module exploits a flaw 0 day in DBMSJVMEXPPERMS package...

6.5CVSS6.6AI score0.1125EPSS
Exploits4
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•251 views

Oracle DB SQL Injection Via SYS.DBMS_CDC_PUBLISH.ALTER_AUTOLOG_CHANGE_SOURCE

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.DBMSCDCPUBLISH.ALTERAUTOLOGCHANGESOURCE', 'Description' = %q The module exploits an sql injection flaw in the...

5.5CVSS7AI score0.0954EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•136 views

Schneider Modicon Remote START/STOP Command

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Schneider Modicon Remote START/STOP Command', 'Description' = %q The Schneider Modicon with Unity series of PLCs use Modbus function code 90 0x5a...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•309 views

CouchDB Enum Utility

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'CouchDB Enum Utility', 'Description' = %q This module enumerates databases on CouchDB using the REST API without authentication by default. ,...

10CVSS6.9AI score0.99838EPSS
Exploits21
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•152 views

SolarWinds TFTP Server 10.4.0.10 Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SolarWinds TFTP Server 10.4.0.10 Denial of Service' , 'Description' = %q The SolarWinds TFTP server can be shut down by sending a 'netascii' read...

5CVSS7AI score0.55953EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•289 views

Jenkins cli Ampersand Replacement Arbitrary File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Jenkins cli Ampersand Replacement Arbitrary File Read', 'Description' = %q This module utilizes the Jenkins cli protocol to run the help command...

9.8CVSS7.2AI score0.99999EPSS
Exploits46
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•162 views

SonicWALL SSL-VPN Format String

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SonicWALL SSL-VPN Format String Vulnerability', 'Description' = %q There is a format string vulnerability within the SonicWALL SSL-VPN Appliance ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•278 views

Typo3 Sa-2009-002 File Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Typo3 sa-2009-002 File Disclosure', 'Description' = %q This module exploits a file disclosure vulnerability in the jumpUrl mechanism of Typo3. Th...

5CVSS7AI score0.42227EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•201 views

D-Link DSL 320B Password Extractor

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'D-Link DSL 320B Password Extractor', 'Description' = %q This module exploits an authentication bypass vulnerability in D-Link DSL 320B 'EDB',...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•253 views

Oracle DB SQL Injection Via SYS.DBMS_CDC_IPUBLISH.ALTER_HOTLOG_INTERNAL_CSOURCE

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.DBMSCDCIPUBLISH.ALTERHOTLOGINTERNALCSOURCE', 'Description' = %q The module exploits an sql injection flaw in the...

5.5CVSS7AI score0.09524EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•1458 views

CVE-2023-21554 QueueJumper - MSMQ Remote Code Execution Check

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'bindata' class MetasploitModule 'CVE-2023-21554 - QueueJumper - MSMQ RCE Check', 'Description' = %q This module checks the provided hosts for the CVE-2023-21554...

9.8CVSS7AI score0.95454EPSS
Exploits7
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•269 views

IBM BigFix Relay Server Sites and Package Enum

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IBM BigFix Relay Server Sites and Package Enum', 'Description' = %q This module retrieves masthead, site, and available package information from...

5.3CVSS7.1AI score0.22547EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•153 views

Novell File Reporter Agent Arbitrary File Delete

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Novell File Reporter Agent Arbitrary File Delete', 'Description' = %q NFRAgent.exe in Novell File Reporter allows remote attackers to delete...

5CVSS7.4AI score0.16807EPSS
Exploits5
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•174 views

Guild FTPd 0.999.8.11/0.999.14 Heap Corruption

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Guild FTPd 0.999.8.11/0.999.14 Heap Corruption', 'Description' = %q Guild FTPd 0.999.8.11 and 0.999.14 are vulnerable to heap corruption. You nee...

10CVSS7AI score0.60692EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•265 views

WordPress Custom-contact-forms Plugin SQL Upload

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress custom-contact-forms Plugin SQL Upload', 'Description' = %q The WordPress custom-contact-forms plugin 'Marc-Alexandre Montpas',...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•276 views

SaltStack Salt Master Server Root Key Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SaltStack Salt Master Server Root Key Disclosure', 'Description' = %q This module exploits unauthenticated access to the prepauthinfo method in t...

9.8CVSS7.4AI score0.96405EPSS
Exploits25
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•188 views

rsyslog Long Tag Off-By-Two Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'rsyslog Long Tag Off-By-Two DoS', 'Description' = %q This module triggers an off-by-two overflow in the rsyslog daemon. This flaw is unlikely to...

5CVSS6.9AI score0.20759EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•146 views

OpenSSL DTLS ChangeCipherSpec Remote Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenSSL DTLS ChangeCipherSpec Remote DoS', 'Description' = %q This module performs a Denial of Service Attack against Datagram TLS in OpenSSL...

5CVSS7AI score0.80134EPSS
Exploits9
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•528 views

SNMP Community Login Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/communitystringcollection' require 'metasploit/framework/loginscanner/snmp' class MetasploitModule 'SNMP Community Login Scanner',...

6.9AI score0.27166EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•269 views

Beckhoff TwinCAT SCADA PLC 2.11.0.2004 Denial Of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Beckhoff TwinCAT SCADA PLC 2.11.0.2004 DoS', 'Description' = %q The Beckhoff TwinCAT version 'Luigi Auriemma', Public exploit 'jfa', Metasploit...

5CVSS7AI score0.50556EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•251 views

Kaseya VSA Master Administrator Account Creation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kaseya VSA Master Administrator Account Creation', 'Description' = %q This module abuses the setAccount page on Kaseya VSA between 7 and 9.1 to...

9.8CVSS7.4AI score0.82102EPSS
Exploits13
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•156 views

Tautulli 2.1.9 Shutdown Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Tautulli v2.1.9 - Shutdown Denial of Service', 'Description' = 'Tautulli versions 2.1.9 and prior are vulnerable to denial of service via the...

6.5CVSS7AI score0.14706EPSS
Exploits9
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•675 views

Apache Range Header Denial of Service (Apache Killer)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Range Header DoS Apache Killer', 'Description' = %q The byterange filter in the Apache HTTP Server 2.0.x through 2.0.64, and 2.2.x through...

7.8CVSS7.2AI score0.98945EPSS
Exploits17
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•149 views

Oracle Secure Backup Authentication Bypass / Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle Secure Backup Authentication Bypass/Command Injection Vulnerability', 'Description' = %q This module exploits an authentication bypass...

5CVSS7AI score0.5156EPSS
Exploits6
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•236 views

WordPress All-in-One Migration Export

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress All-in-One Migration Export', 'Description' = %q This module allows you to export Wordpress data such as the database, plugins, themes,...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•177 views

Nexpose XXE Arbitrary File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'nexpose' class MetasploitModule 'Nexpose XXE Arbitrary File Read', 'Description' = %q Nexpose v5.7.2 and prior is vulnerable to a XML External Entity attack via...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•375 views

Microsoft SRV2.SYS SMB Negotiate ProcessID Function Table Dereference

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft SRV2.SYS SMB Negotiate ProcessID Function Table Dereference', 'Description' = %q This module exploits an out of bounds function table...

10CVSS7.4AI score0.90121EPSS
Exploits20
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•172 views

General Electric D20ME TFTP Server Buffer Overflow / Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework The General Electric D20 and possibly other devices have numerous buffer overruns in their TFTP servers and probably other servers. There are many buffer overruns like i...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•234 views

Microsoft Vista SP0 SMB Negotiate Protocol Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Vista SP0 SMB Negotiate Protocol DoS', 'Description' = %q This module exploits a flaw in Windows Vista that allows a remote...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•253 views

ManageEngine Multiple Products Arbitrary Directory Listing

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine Multiple Products Arbitrary Directory Listing', 'Description' = %q This module exploits a directory listing information disclosure...

7.5CVSS7AI score0.83399EPSS
Exploits11
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•182 views

Joomla Real Estate Manager Component Error-Based SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Joomla Real Estate Manager Component Error-Based SQL Injection', 'Description' = %q This module exploits a SQL injection vulnerability in Joomla...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•201 views

vBulletin /ajax/api/content_infraction/getIndexableContent nodeid Parameter SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'vBulletin /ajax/api/contentinfraction/getIndexableContent nodeid Parameter SQL Injection', 'Description' = %q This module exploits a SQL injectio...

9.8CVSS7AI score0.88948EPSS
Exploits13
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•257 views

Cambium CnPilot R200/r201 Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Cambium cnPilot r200/r201 Command Execution as 'root'", 'Description' = %q Cambium cnPilot r200/r201 device software versions 4.2.3-R4 to 4.3.3-R...

9CVSS7.4AI score0.39181EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•133 views

AlienVault Authenticated SQL Injection Arbitrary File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "AlienVault Authenticated SQL Injection Arbitrary File Read", 'Description' = %q AlienVault 4.5.0 is susceptible to an authenticated SQL injection...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•171 views

SAP SOAP EPS_DELETE_FILE File Deletion

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This module is based on, inspired by, or is a port of a plugin available in the Onapsis Bizploit Opensource ERP Penetration Testing framework -...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•192 views

Iomega StorCenter Pro NAS Web Authentication Bypass

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Iomega StorCenter Pro NAS Web Authentication Bypass', 'Description' = %q The Iomega StorCenter Pro Network Attached Storage device web interface...

9.8CVSS7.1AI score0.23195EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•201 views

7-Technologies IGSS 9 IGSSdataServer.exe Denial Of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule '7-Technologies IGSS 9 IGSSdataServer.exe DoS', 'Description' = %q The 7-Technologies SCADA IGSS Data Server IGSSdataServer.exe 'jfa', Metasploit...

5CVSS7AI score0.21149EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•264 views

VMware Server Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMware Server Directory Traversal Vulnerability', 'Description' = 'This modules exploits the VMware Server Directory Traversal vulnerability in...

5CVSS7AI score0.83378EPSS
Exploits8
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•377 views

HP ILO 4 1.00-2.50 Authentication Bypass Administrator Account Creation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP iLO 4 1.00-2.50 Authentication Bypass Administrator Account Creation', 'Description' = %q This module exploits an authentication bypass in HP...

10CVSS7AI score0.99335EPSS
Exploits9
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•200 views

Ruby on Rails JSON Processor Floating Point Heap Overflow Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ruby on Rails JSON Processor Floating Point Heap Overflow DoS', 'Description' = %q When Ruby attempts to convert a string representation of a lar...

6.8CVSS7AI score0.34968EPSS
Exploits3
Total number of security vulnerabilities50738