Packetstorm - Page 64 of Packetstorm Vulnerabilities List

Packet Storm•added 2024/08/31 12:0 a.m.•153 views

SIP Deregister Extension

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SIP Deregister Extension', 'Description' = %q This module will attempt to deregister a SIP user from the provider. It has been tested successfull...

Packet Storm•added 2024/08/31 12:0 a.m.•151 views

F5 BigIP Access Policy Manager Session Exhaustion Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'F5 BigIP Access Policy Manager Session Exhaustion Denial of Service', 'Description' = %q This module exploits a resource exhaustion denial of...

Packet Storm•added 2024/08/31 12:0 a.m.•135 views

Schneider Modicon Ladder Logic Upload/Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Schneider Modicon Ladder Logic Upload/Download', 'Description' = %q The Schneider Modicon with Unity series of PLCs use Modbus function code 90...

Packet Storm•added 2024/08/31 12:0 a.m.•140 views

XM Easy Personal FTP Server 5.7.0 NLST Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'XM Easy Personal FTP Server 5.7.0 NLST DoS', 'Description' = %q You need a valid login to DoS this FTP server, but even anonymous can do it as lo...

4CVSS7AI score0.83067EPSS

Exploits5

Packet Storm•added 2024/08/31 12:0 a.m.•183 views

FileZilla FTP Server Malformed PORT Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'FileZilla FTP Server Malformed PORT Denial of Service', 'Description' = %q This module triggers a Denial of Service condition in the FileZilla FT...

4CVSS7.4AI score0.71543EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•147 views

SysAid Help Desk Administrator Account Creation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SysAid Help Desk Administrator Account Creation', 'Description' = %q This module exploits a vulnerability in SysAid Help Desk that allows an...

7.5CVSS7AI score0.77003EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•145 views

Novell EDirectory DHOST Predictable Session Cookie

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Novell eDirectory DHOST Predictable Session Cookie', 'Description' = %q This module is able to predict the next session cookie value issued by th...

7.5CVSS7AI score0.6034EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•246 views

WordPress Symposium Plugin SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Symposium Plugin SQL Injection', 'Description' = %q This module exploits a SQL injection vulnerability in the WP Symposium plugin befor...

7.5CVSS7.4AI score0.79815EPSS

Exploits5

Packet Storm•added 2024/08/31 12:0 a.m.•147 views

EMC CTA 10.0 Unauthenticated XXE Arbitrary File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'EMC CTA v10.0 Unauthenticated XXE Arbitrary File Read', 'Description' = %q EMC CTA v10.0 is susceptible to an unauthenticated XXE attack that...

7.8CVSS7AI score0.74022EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•242 views

Microsoft IIS FTP Server LIST Stack Exhaustion

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft IIS FTP Server LIST Stack Exhaustion', 'Description' = %q This module triggers Denial of Service condition in the Microsoft Internet...

5CVSS7.4AI score0.60775EPSS

Exploits9

Packet Storm•added 2024/08/31 12:0 a.m.•129 views

Axigen Arbitrary File Read And Delete

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Axigen Arbitrary File Read and Delete', 'Description' = %q This module exploits a directory traversal vulnerability in the WebAdmin interface of...

6.4CVSS7AI score0.79815EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•158 views

Samba lsa_io_privilege_set Heap Overflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Samba lsaioprivilegeset Heap Overflow', 'Description' = %q This module triggers a heap overflow in the LSA RPC service of the Samba daemon. ,...

10CVSS7.1AI score0.90126EPSS

Exploits23

Packet Storm•added 2024/08/31 12:0 a.m.•142 views

Microweber CMS 1.2.10 Local File Inclusion (Authenticated)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microweber CMS v1.2.10 Local File Inclusion Authenticated', 'Description' = %q Microweber CMS v1.2.10 has a backup functionality. Upload and...

Packet Storm•added 2024/08/31 12:0 a.m.•141 views

Network Shutdown Module sort_values Credential Dumper

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Network Shutdown Module sortvalues Credential Dumper', 'Description' = %q This module will extract user credentials from Network Shutdown Module...

Packet Storm•added 2024/08/31 12:0 a.m.•169 views

NETGEAR ProSafe Network Management System 300 Authenticated File Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NETGEAR ProSafe Network Management System 300 Authenticated File Download', 'Description' = %q Netgear's ProSafe NMS300 is a network management...

9.6CVSS7.4AI score0.65727EPSS

Exploits6

Packet Storm•added 2024/08/31 12:0 a.m.•237 views

Varnish Cache CLI Login Utility

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/credentialcollection' require 'metasploit/framework/loginscanner/varnish' require 'metasploit/framework/tcp/client' class MetasploitModule...

7.5CVSS6.6AI score0.6839EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•158 views

HP LaserJet Printer SNMP Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP LaserJet Printer SNMP Enumeration', 'Description' = %q This module allows enumeration of files previously printed. It provides details as...

Packet Storm•added 2024/08/31 12:0 a.m.•197 views

Samsung Internet Browser SOP Bypass

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Samsung Internet Browser SOP Bypass', 'Description' = %q This module takes advantage of a Same-Origin Policy SOP bypass vulnerability in the...

7.5CVSS7.1AI score0.67505EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•138 views

Oracle DB SQL Injection Via SYS.LT.MERGEWORKSPACE

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.LT.MERGEWORKSPACE', 'Description' = %q This module exploits a sql injection flaw in the MERGEWORKSPACE procedure ...

5.5CVSS7AI score0.67346EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•342 views

Joomla com_contenthistory Error-Based SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Joomla comcontenthistory Error-Based SQL Injection', 'Description' = %q This module exploits a SQL injection vulnerability in Joomla versions 3.2...

7.5CVSS7AI score0.91612EPSS

Exploits8

Packet Storm•added 2024/08/31 12:0 a.m.•186 views

MS15-034 HTTP Protocol Stack Request Handling Denial-of-Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MS15-034 HTTP Protocol Stack Request Handling Denial-of-Service', 'Description' = %q This module will check if scanned hosts are vulnerable to...

10CVSS7AI score0.9431EPSS

Exploits16

Packet Storm•added 2024/08/31 12:0 a.m.•157 views

General Electric D20 Password Recovery

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This module grabs the device configuration from a GE D20M RTU and parses the usernames and passwords from it. class MetasploitModule 'General Electric D20 Password...

7.5CVSS7.1AI score0.2314EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•351 views

SAP Internet Graphics Server (IGS) XMLCHART XXE

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SAP Internet Graphics Server IGS XMLCHART XXE', 'Description' = %q This module exploits CVE-2018-2392 and CVE-2018-2393, two XXE vulnerabilities...

7.5CVSS7AI score0.86381EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•358 views

Ruby On Rails Devise Authentication Password Reset

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rexml/element' class MetasploitModule 'Ruby on Rails Devise Authentication Password Reset', 'Description' = %q The Devise authentication gem for Ruby on Rails i...

6.8CVSS7AI score0.68821EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•386 views

Apache Superset Signed Cookie Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Superset Signed Cookie Priv Esc', 'Description' = %q Apache Superset versions 'h00die', MSF module 'paradoxis', original flask-unsign tool...

9.8CVSS7.2AI score0.84026EPSS

Exploits20

Packet Storm•added 2024/08/31 12:0 a.m.•163 views

IBM Notes Denial Of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "IBM Notes Denial Of Service", 'Description' = %q This module exploits a vulnerability in the native browser that comes with IBM Lotus Notes. If...

6.5CVSS7AI score0.6548EPSS

Exploits10

Packet Storm•added 2024/08/31 12:0 a.m.•149 views

Apple Filing Protocol Login Utility

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'openssl' require 'metasploit/framework/credentialcollection' require 'metasploit/framework/loginscanner/afp' class MetasploitModule 'Apple Filing Protocol Login...

Packet Storm•added 2024/08/31 12:0 a.m.•318 views

Intersil (Boa) HTTPd Basic Authentication Password Reset

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Intersil Boa HTTPd Basic Authentication Password Reset', 'Description' = %q The Intersil extension in the Boa HTTP Server 0.93.x - 0.94.11 allows...

10CVSS7.4AI score0.82494EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•152 views

Microsoft SRV2.SYS SMB2 Logoff Remote Kernel NULL Pointer Dereference

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft SRV2.SYS SMB2 Logoff Remote Kernel NULL Pointer Dereference', 'Description' = %q This module triggers a NULL pointer dereference in the...

10CVSS7AI score0.93083EPSS

Exploits20

Packet Storm•added 2024/08/31 12:0 a.m.•239 views

Brocade Enable Login Check Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/credentialcollection' require 'metasploit/framework/loginscanner/telnet' class MetasploitModule 'Brocade Enable Login Check Scanner',...

7.2AI score0.37089EPSS

Exploits41

Packet Storm•added 2024/08/31 12:0 a.m.•177 views

SerComm Device Configuration Dump

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HTTP Web Management', 'user' = /httpusername=\S+/i, 'pass' = /httppassword=\S+/i , 'HTTP Web Management Login', 'user' = /loginusername=\S+/i,...

Packet Storm•added 2024/08/31 12:0 a.m.•192 views

TikiWiki Information Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TikiWiki Information Disclosure', 'Description' = %q A vulnerability has been reported in Tikiwiki, which can be exploited by an anonymous user t...

5CVSS7AI score0.53418EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•236 views

SAMR Computer Management

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rubysmb/dcerpc/client' class MetasploitModule 'SAMR Computer Management', 'Description' = %q Add, lookup and delete computer / machine accounts via MS-SAMR. By...

Packet Storm•added 2024/08/31 12:0 a.m.•170 views

Memcached Stats Amplification Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Memcached Stats Amplification Scanner', 'Description' = %q This module can be used to discover Memcached servers which expose the unrestricted UD...

7.5CVSS7AI score0.86753EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•259 views

Beckhoff TwinCAT SCADA PLC 2.11.0.2004 Denial Of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Beckhoff TwinCAT SCADA PLC 2.11.0.2004 DoS', 'Description' = %q The Beckhoff TwinCAT version 'Luigi Auriemma', Public exploit 'jfa', Metasploit...

5CVSS7AI score0.58413EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•186 views

Amazon Fire TV YouTube Remote Control

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Amazon Fire TV YouTube Remote Control', 'Description' = %q This module acts as a simple remote control for the Amazon Fire TV's YouTube app. Test...

Packet Storm•added 2024/08/31 12:0 a.m.•239 views

NTP Monitor List Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NTP Monitor List Scanner', 'Description' = %q This module identifies NTP servers which permit "monlist" queries and obtains the recent clients...

5CVSS7.4AI score0.92136EPSS

Exploits23

Packet Storm•added 2024/08/31 12:0 a.m.•131 views

HP Data Protector Manager RDS Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP Data Protector Manager RDS DOS', 'Description' = %q This module causes a remote DOS on HP Data Protector's RDS service. By sending a malformed...

5CVSS7AI score0.78834EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•188 views

WPAD.dat File Server

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WPAD.dat File Server', 'Description' = %q This module generates a valid wpad.dat file for WPAD mitm attacks. Usually this module is used in...

Packet Storm•added 2024/08/31 12:0 a.m.•149 views

Novell File Reporter Agent Arbitrary File Delete

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Novell File Reporter Agent Arbitrary File Delete', 'Description' = %q NFRAgent.exe in Novell File Reporter allows remote attackers to delete...

5CVSS7.4AI score0.70814EPSS

Exploits5

Packet Storm•added 2024/08/31 12:0 a.m.•249 views

Webmin File Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Webmin File Disclosure', 'Description' = %q A vulnerability has been reported in Webmin and Usermin, which can be exploited by malicious people t...

5CVSS7AI score0.86941EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•240 views

IBM DB2 Db2rcmd.exe Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IBM DB2 db2rcmd.exe Command Execution Vulnerability', 'Description' = %q This module exploits a vulnerability in the Remote Command Server...

7.2CVSS7.1AI score0.31914EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•262 views

Oracle ISQLPlus SID Check

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle iSQLPlus SID Check', 'Description' = %q This module attempts to bruteforce the SID on the Oracle application server iSQLPlus login pages. ...

Packet Storm•added 2024/08/31 12:0 a.m.•239 views

Oracle DB SQL Injection Via SYS.LT.FINDRICSET Evil Cursor Method

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.LT.FINDRICSET Evil Cursor Method', 'Description' = %q This module will escalate an Oracle DB user to DBA by...

6.5CVSS7AI score0.73241EPSS

Packet Storm•added 2024/08/31 12:0 a.m.•215 views

Generic Emailer (SMTP)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'yaml' class MetasploitModule 'Generic Emailer SMTP', 'Description' = %q This module can be used to automate email delivery. This code is based on Joshua Abraham...

Packet Storm•added 2024/08/31 12:0 a.m.•240 views

Kerberos Domain User Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/credentialcollection' require 'metasploit/framework/loginscanner/kerberos' class MetasploitModule 'Kerberos Domain User Enumeration',...

Packet Storm•added 2024/08/31 12:0 a.m.•229 views

NetBIOS Response Brute Force Spoof

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NetBIOS Response Brute Force Spoof Direct', 'Description' = %q This module continuously spams NetBIOS responses to a target for given hostname,...

Packet Storm•added 2024/08/31 12:0 a.m.•396 views

Apache mod_isapi Dangling Pointer

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache modisapi Dangling Pointer', 'Description' = %q This module triggers a use-after-free vulnerability in the Apache Software Foundation...

10CVSS6.9AI score0.86822EPSS

Exploits13

Packet Storm•added 2024/08/31 12:0 a.m.•181 views

Joomla Real Estate Manager Component Error-Based SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Joomla Real Estate Manager Component Error-Based SQL Injection', 'Description' = %q This module exploits a SQL injection vulnerability in Joomla...