Lucene search
K
PacketstormRecent

50738 matches found

Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•304 views

Joomla Account Creation And Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Joomla Account Creation and Privilege Escalation', 'Description' = %q This module creates an arbitrary account with administrative privileges in...

9.8CVSS7AI score0.97426EPSS
Exploits15
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•965 views

Hikvision IP Camera Unauthenticated Password Change Via Improper Authentication Logic

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Hikvision IP Camera Unauthenticated Password Change Via Improper Authentication Logic', 'Description' = %q Many Hikvision IP cameras contain...

10CVSS7AI score0.99998EPSS
Exploits11
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•392 views

Microsoft IIS 6.0 ASP Stack Exhaustion Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft IIS 6.0 ASP Stack Exhaustion Denial of Service', 'Description' = %q The vulnerability allows remote unauthenticated attackers to force...

4.3CVSS7AI score0.57231EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•227 views

NetDecision 4.2 TFTP Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "NetDecision 4.2 TFTP Directory Traversal", 'Description' = %q This modules exploits a directory traversal vulnerability in NetDecision 4.2 TFTP...

10CVSS7AI score0.5451EPSS
Exploits7
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•568 views

Oracle TNS Listener Checker

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle TNS Listener Checker', 'Description' = %q This module checks the server for vulnerabilities like TNS Poison. Module sends a server a packe...

7.5CVSS7.1AI score0.77633EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•335 views

Jetty WEB-INF File Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Jetty WEB-INF File Disclosure', 'Description' = %q Jetty suffers from a vulnerability where certain encoded URIs and ambiguous paths can access...

5.3CVSS7AI score0.99298EPSS
Exploits11
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•439 views

Microsoft SQL Server SUSER_SNAME SQL Logins Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft SQL Server SUSERSNAME SQL Logins Enumeration', 'Description' = %q This module can be used to obtain a list of all logins from a SQL...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•205 views

Microsoft SQL Server SQL Injection NTLM Stealer

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft SQL Server SQLi NTLM Stealer', 'Description' = %q This module can be used to help capture or relay the LM/NTLM credentials of the accou...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•182 views

Cisco PVC2300 POE Video Camera Configuration Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco PVC2300 POE Video Camera configuration download', 'Description' = %q This module exploits an information disclosure vulnerability in Cisco...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•195 views

HTTP Client Automatic Exploiter

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework ideas: - add a loading page option so the user can specify arbitrary html to insert all of the evil js and iframes into - caching is busted when different browsers come...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•147 views

Ruby WEBrick::HTTP::DefaultFileHandler Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ruby WEBrick::HTTP::DefaultFileHandler DoS', 'Description' = %q The WEBrick::HTTP::DefaultFileHandler in WEBrick in Ruby 1.8.5 and earlier, 1.8.6...

7.8CVSS7AI score0.70202EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•147 views

Novell EDirectory DHOST Predictable Session Cookie

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Novell eDirectory DHOST Predictable Session Cookie', 'Description' = %q This module is able to predict the next session cookie value issued by th...

7.5CVSS7AI score0.49864EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•197 views

BillQuick Web Suite txtID SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'BillQuick Web Suite txtID SQLi', 'Description' = %q This module exploits a SQL injection vulnerability in BillQUick Web Suite prior to version...

9.8CVSS7AI score0.73269EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•189 views

Cisco IKE Information Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco IKE Information Disclosure', 'Description' = %q A vulnerability in Internet Key Exchange version 1 IKEv1 packet processing code in Cisco IO...

7.5CVSS7.2AI score0.87687EPSS
Exploits7
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•181 views

Oracle DB SQL Injection Via SYS.LT.COMPRESSWORKSPACE

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.LT.COMPRESSWORKSPACE', 'Description' = %q This module exploits an sql injection flaw in the COMPRESSWORKSPACE...

5.5CVSS7AI score0.1143EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•183 views

TeamViewer Unquoted URI Handler SMB Redirect

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TeamViewer Unquoted URI Handler SMB Redirect', 'Description' = %q This module exploits an unquoted parameter call within the Teamviewer URI handl...

8.8CVSS7.1AI score0.25895EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•173 views

TYPO3 Sa-2009-001 Weak Encryption Key File Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TYPO3 sa-2009-001 Weak Encryption Key File Disclosure', 'Description' = %q This module exploits a flaw in TYPO3 encryption ey creation process to...

7.5CVSS7AI score0.09442EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•190 views

D-Link DIR-600 / DIR-300 Unauthenticated Remote Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'D-Link DIR-600 / DIR-300 Unauthenticated Remote Command Execution', 'Description' = %q This module exploits an OS Command Injection vulnerability...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•180 views

C2S DVR Management Password Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'C2S DVR Management Password Disclosure', 'Description' = %q C2S DVR allows an unauthenticated user to disclose the username & password by...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•150 views

TrendMicro Data Loss Prevention 5.5 Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TrendMicro Data Loss Prevention 5.5 Directory Traversal', 'Description' = %q This module tests whether a directory traversal vulnerability is...

4.3CVSS7AI score0.99708EPSS
Exploits22
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•214 views

Arris / Motorola Surfboard SBG6580 Web Interface Takeover

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Arris / Motorola Surfboard SBG6580 Web Interface Takeover', 'Description' = %q The web interface for the Arris / Motorola Surfboard SBG6580 has...

7.2AI score
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•272 views

ContentKeeper Web Appliance Mimencode File Access

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ContentKeeper Web Appliance mimencode File Access', 'Description' = %q This module abuses the 'mimencode' binary present within ContentKeeper Web...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•211 views

WordPress W3-Total-Cache 0.9.2.4 Username / Hash Extraction

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress W3-Total-Cache Plugin 0.9.2.4 or before Username and Hash Extract', 'Description' = "The W3-Total-Cache Wordpress Plugin MSFLICENSE,...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•314 views

NTP Clock Variables Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NTP Clock Variables Disclosure', 'Description' = %q This module reads the system internal NTP variables. These variables contain potentially...

5CVSS6.7AI score0.97549EPSS
Exploits23
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•243 views

TeamTalk Gather Credentials

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'TeamTalk Gather Credentials', 'Description' = %q This module retrieves user credentials from BearWare TeamTalk. Valid administrator credentials a...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•370 views

VMware vCenter Server vmdir Information Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMware vCenter Server vmdir Information Disclosure', 'Description' = %q This module uses an anonymous-bind LDAP connection to dump data from the...

9.8CVSS9.6AI score0.90384EPSS
Exploits20
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•464 views

Peplink Balance Routers SQL Injection

class MetasploitModule 'Peplink Balance routers SQLi', 'Description' = %q Firmware versions up to 7.0.0-build1904 of Peplink Balance routers are affected by an unauthenticated SQL injection vulnerability in the bauth cookie, successful exploitation of the vulnerability allows an attacker to...

9.8CVSS7AI score0.61577EPSS
Exploits7
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•267 views

NUUO NVRmini 2 / NETGEAR ReadyNAS Surveillance Default Configuration Load And Administrator Password Reset

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NUUO NVRmini 2 / NETGEAR ReadyNAS Surveillance Default Configuration Load and Administrator Password Reset', 'Description' = %q The NVRmini 2...

7.5CVSS7AI score0.53715EPSS
Exploits6
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•206 views

Netgear PNPX_GetShareFolderList Authentication Bypass

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/credentialcollection' class MetasploitModule 'Netgear PNPXGetShareFolderList Authentication Bypass', 'Description' = %q This module targets...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•357 views

DoliWamp jqueryFileTree.php Traversal Gather Credentials

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "DoliWamp 'jqueryFileTree.php' Traversal Gather Credentials", 'Description' = %q This module will extract user credentials from DoliWamp - a WAMP...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•232 views

Cisco RV320/RV326 Configuration Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco RV320/RV326 Configuration Disclosure', 'Description' = %q A vulnerability in the web-based management interface of Cisco Small Business RV3...

7.5CVSS7.4AI score0.99876EPSS
Exploits19
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•200 views

MS14-052 Microsoft Internet Explorer XMLDOM Filename Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "MS14-052 Microsoft Internet Explorer XMLDOM Filename Disclosure", 'Description' = %q This module will use the Microsoft XMLDOM object to enumerat...

6.5CVSS7AI score0.58023EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•161 views

HP LaserJet Printer SNMP Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP LaserJet Printer SNMP Enumeration', 'Description' = %q This module allows enumeration of files previously printed. It provides details as...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•204 views

Xerox Administrator Console Password Extractor

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Xerox Administrator Console Password Extractor', 'Description' = %q This module will extract the management console's admin password from the Xer...

7.4AI score
Exploits0
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•255 views

Pi-Hole Top Domains API Authenticated Exec

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Pi-Hole Top Domains API Authenticated Exec', 'Description' = %q This exploits a command execution in Pi-Hole Web Interface API/Web inetrace page...

8.8CVSS7AI score0.60181EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•459 views

OpenNMS Authenticated XXE

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'openssl' class MetasploitModule 'OpenNMS Authenticated XXE', 'Description' = %q OpenNMS is vulnerable to XML External Entity Injection in the Real-Time Console...

7.1AI score
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•196 views

Microsoft Windows NAT Helper Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Windows NAT Helper Denial of Service', 'Description' = %q This module exploits a denial of service vulnerability within the Internet...

2.6CVSS7.1AI score0.79086EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•404 views

Grandstream UCM62xx IP PBX WebSocket Blind SQL Injection Credential Dump

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Grandstream UCM62xx IP PBX WebSocket Blind SQL Injection Credential Dump', 'Description' = %q This module uses a blind SQL injection CVE-2020-572...

9.8CVSS7AI score0.11875EPSS
Exploits4
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•183 views

WordPress WP EasyCart Plugin Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress WP EasyCart Plugin Privilege Escalation', 'Description' = %q The WordPress WP EasyCart plugin from version 1.1.30 to 3.0.20 allows...

8.8CVSS7AI score0.18932EPSS
Exploits4
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•243 views

Varnish Cache CLI Login Utility

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/credentialcollection' require 'metasploit/framework/loginscanner/varnish' require 'metasploit/framework/tcp/client' class MetasploitModule...

7.5CVSS6.6AI score0.63824EPSS
Exploits7
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•150 views

NFR Agent Heap Overflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NFR Agent Heap Overflow Vulnerability', 'Description' = %q This module exploits a heap overflow in NFRAgent.exe, a component of Novell File...

10CVSS7AI score0.71194EPSS
Exploits22
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•327 views

Apache Tomcat AJP File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/proto/apachejp' class MetasploitModule 'Apache Tomcat AJP File Read', 'Description' = %q When using the Apache JServ Protocol AJP, care must be taken when...

9.8CVSS7.4AI score0.9927EPSS
Exploits45
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•329 views

Cisco IOX XE Unauthenticated OS Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco IOX XE unauthenticated OS command execution', 'Description' = %q This module leverages both CVE-2023-20198 and CVE-2023-20273 against...

10CVSS7.4AI score0.99571EPSS
Exploits27
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•234 views

NetBIOS Response BadTunnel Brute Force Spoof (NAT Tunnel)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NetBIOS Response "BadTunnel" Brute Force Spoof NAT Tunnel', 'Description' = %q This module listens for a NetBIOS name request and then continuous...

10CVSS7AI score0.77658EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•420 views

OpenSSL Server-Side ChangeCipherSpec Injection Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule Msf::Auxiliary include Msf::Exploit::Remote::Tcp include Msf::Auxiliary::Scanner include Msf::Auxiliary::Report CIPHERSUITES = 0xc014,...

7.4CVSS7.5AI score0.95326EPSS
Exploits9
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•283 views

SSL Labs API Client

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'activesupport/inflector' require 'json' require 'activesupport/coreext/hash' class MetasploitModule uri, 'agent' = useragent, 'method' = 'GET', 'varsget' = para...

7.4CVSS7.5AI score0.95326EPSS
Exploits9
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•232 views

AlienVault Authenticated SQL Injection Arbitrary File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "AlienVault Authenticated SQL Injection Arbitrary File Read", 'Description' = %q AlienVault 4.6.1 and below is susceptible to an authenticated SQL...

6.5CVSS7.1AI score0.21193EPSS
Exploits3
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•282 views

Viproy CUCDM IP Phone XML Services Call Forwarding Tool

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rexml/document' class MetasploitModule 'Viproy CUCDM IP Phone XML Services - Call Forwarding Tool', 'Description' = %q The BVSMWeb portal in the web framework i...

7.5CVSS6.7AI score0.21879EPSS
Exploits4
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•181 views

Indusoft WebStudio NTWebServer Remote File Access

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Indusoft WebStudio NTWebServer Remote File Access', 'Description' = %q This module exploits a directory traversal vulnerability in Indusoft...

10CVSS7AI score0.32043EPSS
Exploits2
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•218 views

SysAid Help Desk Database Credentials Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'openssl' class MetasploitModule 'SysAid Help Desk Database Credentials Disclosure', 'Description' = %q This module exploits a vulnerability in SysAid Help Desk...

8.5CVSS7AI score0.86643EPSS
Exploits10
Total number of security vulnerabilities50738