50738 matches found
Nuuo Central Management Server Authenticated Arbitrary File Download
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nuuo Central Management Server Authenticated Arbitrary File Download', 'Description' = %q The Nuuo Central Management Server allows an...
Satel Iberia SenNet Data Logger And Electricity Meters Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Satel Iberia SenNet Data Logger and Electricity Meters Command Injection Vulnerability', 'Description' = %q This module exploits an OS Command...
Microsoft SQL Server SQL Injection Escalate Db_Owner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft SQL Server SQLi Escalate DbOwner', 'Description' = %q This module can be used to escalate SQL Server user privileges to sysadmin throug...
Veritas Backup Exec Server Registry Access
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Veritas Backup Exec Server Registry Access', 'Description' = %q This modules exploits a remote registry access flaw in the BackupExec Windows...
Memcached Remote Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Memcached Remote Denial of Service', 'Description' = %q This module sends a specially-crafted packet to cause a segmentation fault in memcached...
Piwigo CVE-2023-26876 Gather Credentials via SQL Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Piwigo CVE-2023-26876 Gather Credentials via SQL Injection ', 'Description' = %q This module allows an authenticated user to retrieve the usernam...
HP Intelligent Management SOM Account Creation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP Intelligent Management SOM Account Creation', 'Description' = %q This module exploits a lack of authentication and access control in HP...
Samba read_nttrans_ea_list Integer Overflow
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/struct2' class MetasploitModule 'Samba readnttransealist Integer Overflow', 'Description' = %q Integer overflow in the readnttransealist function in nttrans...
Canon Wireless Printer Denial Of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Canon Wireless Printer Denial Of Service', 'Description' = %q The HTTP management interface on several models of Canon Wireless printers allows f...
Regsvr32.exe (.sct) Command Delivery Server
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Regsvr32.exe .sct Command Delivery Server', 'Description' = %q This module uses the Regsvr32.exe Application Whitelisting Bypass technique as a w...
Oracle DB 10gR2, 11gR1/R2 DBMS_JVM_EXP_PERMS OS Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB 10gR2, 11gR1/R2 DBMSJVMEXPPERMS OS Command Execution', 'Description' = %q This module exploits a flaw 0 day in DBMSJVMEXPPERMS package...
Oracle DB SQL Injection Via SYS.DBMS_CDC_PUBLISH.ALTER_AUTOLOG_CHANGE_SOURCE
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.DBMSCDCPUBLISH.ALTERAUTOLOGCHANGESOURCE', 'Description' = %q The module exploits an sql injection flaw in the...
Schneider Modicon Remote START/STOP Command
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Schneider Modicon Remote START/STOP Command', 'Description' = %q The Schneider Modicon with Unity series of PLCs use Modbus function code 90 0x5a...
CouchDB Enum Utility
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'CouchDB Enum Utility', 'Description' = %q This module enumerates databases on CouchDB using the REST API without authentication by default. ,...
SolarWinds TFTP Server 10.4.0.10 Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SolarWinds TFTP Server 10.4.0.10 Denial of Service' , 'Description' = %q The SolarWinds TFTP server can be shut down by sending a 'netascii' read...
Jenkins cli Ampersand Replacement Arbitrary File Read
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Jenkins cli Ampersand Replacement Arbitrary File Read', 'Description' = %q This module utilizes the Jenkins cli protocol to run the help command...
SonicWALL SSL-VPN Format String
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SonicWALL SSL-VPN Format String Vulnerability', 'Description' = %q There is a format string vulnerability within the SonicWALL SSL-VPN Appliance ...
Typo3 Sa-2009-002 File Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Typo3 sa-2009-002 File Disclosure', 'Description' = %q This module exploits a file disclosure vulnerability in the jumpUrl mechanism of Typo3. Th...
D-Link DSL 320B Password Extractor
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'D-Link DSL 320B Password Extractor', 'Description' = %q This module exploits an authentication bypass vulnerability in D-Link DSL 320B 'EDB',...
Oracle DB SQL Injection Via SYS.DBMS_CDC_IPUBLISH.ALTER_HOTLOG_INTERNAL_CSOURCE
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.DBMSCDCIPUBLISH.ALTERHOTLOGINTERNALCSOURCE', 'Description' = %q The module exploits an sql injection flaw in the...
CVE-2023-21554 QueueJumper - MSMQ Remote Code Execution Check
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'bindata' class MetasploitModule 'CVE-2023-21554 - QueueJumper - MSMQ RCE Check', 'Description' = %q This module checks the provided hosts for the CVE-2023-21554...
IBM BigFix Relay Server Sites and Package Enum
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IBM BigFix Relay Server Sites and Package Enum', 'Description' = %q This module retrieves masthead, site, and available package information from...
Novell File Reporter Agent Arbitrary File Delete
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Novell File Reporter Agent Arbitrary File Delete', 'Description' = %q NFRAgent.exe in Novell File Reporter allows remote attackers to delete...
Guild FTPd 0.999.8.11/0.999.14 Heap Corruption
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Guild FTPd 0.999.8.11/0.999.14 Heap Corruption', 'Description' = %q Guild FTPd 0.999.8.11 and 0.999.14 are vulnerable to heap corruption. You nee...
WordPress Custom-contact-forms Plugin SQL Upload
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress custom-contact-forms Plugin SQL Upload', 'Description' = %q The WordPress custom-contact-forms plugin 'Marc-Alexandre Montpas',...
SaltStack Salt Master Server Root Key Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SaltStack Salt Master Server Root Key Disclosure', 'Description' = %q This module exploits unauthenticated access to the prepauthinfo method in t...
rsyslog Long Tag Off-By-Two Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'rsyslog Long Tag Off-By-Two DoS', 'Description' = %q This module triggers an off-by-two overflow in the rsyslog daemon. This flaw is unlikely to...
OpenSSL DTLS ChangeCipherSpec Remote Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'OpenSSL DTLS ChangeCipherSpec Remote DoS', 'Description' = %q This module performs a Denial of Service Attack against Datagram TLS in OpenSSL...
SNMP Community Login Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/communitystringcollection' require 'metasploit/framework/loginscanner/snmp' class MetasploitModule 'SNMP Community Login Scanner',...
Beckhoff TwinCAT SCADA PLC 2.11.0.2004 Denial Of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Beckhoff TwinCAT SCADA PLC 2.11.0.2004 DoS', 'Description' = %q The Beckhoff TwinCAT version 'Luigi Auriemma', Public exploit 'jfa', Metasploit...
Kaseya VSA Master Administrator Account Creation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Kaseya VSA Master Administrator Account Creation', 'Description' = %q This module abuses the setAccount page on Kaseya VSA between 7 and 9.1 to...
Tautulli 2.1.9 Shutdown Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Tautulli v2.1.9 - Shutdown Denial of Service', 'Description' = 'Tautulli versions 2.1.9 and prior are vulnerable to denial of service via the...
Apache Range Header Denial of Service (Apache Killer)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Range Header DoS Apache Killer', 'Description' = %q The byterange filter in the Apache HTTP Server 2.0.x through 2.0.64, and 2.2.x through...
Oracle Secure Backup Authentication Bypass / Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle Secure Backup Authentication Bypass/Command Injection Vulnerability', 'Description' = %q This module exploits an authentication bypass...
WordPress All-in-One Migration Export
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress All-in-One Migration Export', 'Description' = %q This module allows you to export Wordpress data such as the database, plugins, themes,...
Nexpose XXE Arbitrary File Read
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'nexpose' class MetasploitModule 'Nexpose XXE Arbitrary File Read', 'Description' = %q Nexpose v5.7.2 and prior is vulnerable to a XML External Entity attack via...
Microsoft SRV2.SYS SMB Negotiate ProcessID Function Table Dereference
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft SRV2.SYS SMB Negotiate ProcessID Function Table Dereference', 'Description' = %q This module exploits an out of bounds function table...
General Electric D20ME TFTP Server Buffer Overflow / Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework The General Electric D20 and possibly other devices have numerous buffer overruns in their TFTP servers and probably other servers. There are many buffer overruns like i...
Microsoft Vista SP0 SMB Negotiate Protocol Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Vista SP0 SMB Negotiate Protocol DoS', 'Description' = %q This module exploits a flaw in Windows Vista that allows a remote...
ManageEngine Multiple Products Arbitrary Directory Listing
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ManageEngine Multiple Products Arbitrary Directory Listing', 'Description' = %q This module exploits a directory listing information disclosure...
Joomla Real Estate Manager Component Error-Based SQL Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Joomla Real Estate Manager Component Error-Based SQL Injection', 'Description' = %q This module exploits a SQL injection vulnerability in Joomla...
vBulletin /ajax/api/content_infraction/getIndexableContent nodeid Parameter SQL Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'vBulletin /ajax/api/contentinfraction/getIndexableContent nodeid Parameter SQL Injection', 'Description' = %q This module exploits a SQL injectio...
Cambium CnPilot R200/r201 Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Cambium cnPilot r200/r201 Command Execution as 'root'", 'Description' = %q Cambium cnPilot r200/r201 device software versions 4.2.3-R4 to 4.3.3-R...
AlienVault Authenticated SQL Injection Arbitrary File Read
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "AlienVault Authenticated SQL Injection Arbitrary File Read", 'Description' = %q AlienVault 4.5.0 is susceptible to an authenticated SQL injection...
SAP SOAP EPS_DELETE_FILE File Deletion
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This module is based on, inspired by, or is a port of a plugin available in the Onapsis Bizploit Opensource ERP Penetration Testing framework -...
Iomega StorCenter Pro NAS Web Authentication Bypass
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Iomega StorCenter Pro NAS Web Authentication Bypass', 'Description' = %q The Iomega StorCenter Pro Network Attached Storage device web interface...
7-Technologies IGSS 9 IGSSdataServer.exe Denial Of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule '7-Technologies IGSS 9 IGSSdataServer.exe DoS', 'Description' = %q The 7-Technologies SCADA IGSS Data Server IGSSdataServer.exe 'jfa', Metasploit...
VMware Server Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMware Server Directory Traversal Vulnerability', 'Description' = 'This modules exploits the VMware Server Directory Traversal vulnerability in...
HP ILO 4 1.00-2.50 Authentication Bypass Administrator Account Creation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP iLO 4 1.00-2.50 Authentication Bypass Administrator Account Creation', 'Description' = %q This module exploits an authentication bypass in HP...
Ruby on Rails JSON Processor Floating Point Heap Overflow Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ruby on Rails JSON Processor Floating Point Heap Overflow DoS', 'Description' = %q When Ruby attempts to convert a string representation of a lar...