Lucene search
K
PacketstormRecent

50738 matches found

Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.161 views

HP LaserJet Printer SNMP Enumeration

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HP LaserJet Printer SNMP Enumeration', 'Description' = %q This module allows enumeration of files previously printed. It provides details as...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.204 views

Xerox Administrator Console Password Extractor

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Xerox Administrator Console Password Extractor', 'Description' = %q This module will extract the management console's admin password from the Xer...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.194 views

Firefox PDF.js Browser File Theft

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Firefox PDF.js Browser File Theft', 'Description' = %q This module abuses an XSS vulnerability in versions prior to Firefox 39.0.3, Firefox ESR...

8.8CVSS6.9AI score0.70226EPSS
Exploits8
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.255 views

Pi-Hole Top Domains API Authenticated Exec

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Pi-Hole Top Domains API Authenticated Exec', 'Description' = %q This exploits a command execution in Pi-Hole Web Interface API/Web inetrace page...

8.8CVSS7AI score0.60181EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.459 views

OpenNMS Authenticated XXE

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'openssl' class MetasploitModule 'OpenNMS Authenticated XXE', 'Description' = %q OpenNMS is vulnerable to XML External Entity Injection in the Real-Time Console...

7.1AI score
Exploits2
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.196 views

Microsoft Windows NAT Helper Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Windows NAT Helper Denial of Service', 'Description' = %q This module exploits a denial of service vulnerability within the Internet...

2.6CVSS7.1AI score0.79086EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.404 views

Grandstream UCM62xx IP PBX WebSocket Blind SQL Injection Credential Dump

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Grandstream UCM62xx IP PBX WebSocket Blind SQL Injection Credential Dump', 'Description' = %q This module uses a blind SQL injection CVE-2020-572...

9.8CVSS7AI score0.11875EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.183 views

WordPress WP EasyCart Plugin Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress WP EasyCart Plugin Privilege Escalation', 'Description' = %q The WordPress WP EasyCart plugin from version 1.1.30 to 3.0.20 allows...

8.8CVSS7AI score0.18932EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.298 views

Native DNS Spoofer

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Native DNS Spoofer Example', 'Description' = %q This module provides a Rex based DNS service to resolve queries intercepted via the capture mixin...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.502 views

Wordpress BookingPress bookingpress_front_get_category_services SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Wordpress BookingPress bookingpressfrontgetcategoryservices SQLi', 'Description' = %q The BookingPress WordPress plugin before 1.0.11 fails to...

9.8CVSS7AI score0.37171EPSS
Exploits11
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.243 views

Varnish Cache CLI Login Utility

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/credentialcollection' require 'metasploit/framework/loginscanner/varnish' require 'metasploit/framework/tcp/client' class MetasploitModule...

7.5CVSS6.6AI score0.63824EPSS
Exploits7
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.150 views

NFR Agent Heap Overflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NFR Agent Heap Overflow Vulnerability', 'Description' = %q This module exploits a heap overflow in NFRAgent.exe, a component of Novell File...

10CVSS7AI score0.71194EPSS
Exploits22
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.327 views

Apache Tomcat AJP File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/proto/apachejp' class MetasploitModule 'Apache Tomcat AJP File Read', 'Description' = %q When using the Apache JServ Protocol AJP, care must be taken when...

9.8CVSS7.4AI score0.9927EPSS
Exploits45
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.329 views

Cisco IOX XE Unauthenticated OS Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco IOX XE unauthenticated OS command execution', 'Description' = %q This module leverages both CVE-2023-20198 and CVE-2023-20273 against...

10CVSS7.4AI score0.99571EPSS
Exploits27
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.234 views

NetBIOS Response BadTunnel Brute Force Spoof (NAT Tunnel)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NetBIOS Response "BadTunnel" Brute Force Spoof NAT Tunnel', 'Description' = %q This module listens for a NetBIOS name request and then continuous...

10CVSS7AI score0.77658EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.420 views

OpenSSL Server-Side ChangeCipherSpec Injection Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule Msf::Auxiliary include Msf::Exploit::Remote::Tcp include Msf::Auxiliary::Scanner include Msf::Auxiliary::Report CIPHERSUITES = 0xc014,...

7.4CVSS7.5AI score0.95326EPSS
Exploits9
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.283 views

SSL Labs API Client

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'activesupport/inflector' require 'json' require 'activesupport/coreext/hash' class MetasploitModule uri, 'agent' = useragent, 'method' = 'GET', 'varsget' = para...

7.4CVSS7.5AI score0.95326EPSS
Exploits9
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.243 views

OpenSSL TLS 1.1 and 1.2 AES-NI Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework auxiliary/dos/ssl/opensslaesni class MetasploitModule 'OpenSSL TLS 1.1 and 1.2 AES-NI DoS', 'Description' = %q The AES-NI implementation of OpenSSL 1.0.1c does not...

5CVSS6.9AI score0.39593EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.232 views

AlienVault Authenticated SQL Injection Arbitrary File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "AlienVault Authenticated SQL Injection Arbitrary File Read", 'Description' = %q AlienVault 4.6.1 and below is susceptible to an authenticated SQL...

6.5CVSS7.1AI score0.21193EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.366 views

Joomla com_contenthistory Error-Based SQL Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Joomla comcontenthistory Error-Based SQL Injection', 'Description' = %q This module exploits a SQL injection vulnerability in Joomla versions 3.2...

7.5CVSS7AI score0.99967EPSS
Exploits8
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.239 views

PostgreSQL Database Name Command Line Flag Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'PostgreSQL Database Name Command Line Flag Injection', 'Description' = %q This module can identify PostgreSQL 9.0, 9.1, and 9.2 servers that are...

6.5CVSS6.9AI score0.54312EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.215 views

Openbravo ERP XXE Arbitrary File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'net/dns' require 'rexml/document' class MetasploitModule 'Openbravo ERP XXE Arbitrary File Read', 'Description' = %q The Openbravo ERP XML API expands external...

3.5CVSS7AI score0.21074EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.199 views

Oracle Secure Backup Authentication Bypass / Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle Secure Backup Authentication Bypass/Command Injection Vulnerability', 'Description' = %q This module exploits an authentication bypass...

10CVSS7AI score0.72638EPSS
Exploits13
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.295 views

Control ID IDSecure Authentication Bypass

class MetasploitModule 'Control iD iDSecure Authentication Bypass CVE-2023-6329', 'Description' = %q This module exploits an improper access control vulnerability CVE-2023-6329 in Control iD iDSecure 'Michael Heinzl', MSF Module 'Tenable' Discovery and PoC , 'References' = 'CVE', '2023-6329',...

9.8CVSS7.1AI score0.65237EPSS
Exploits6
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.199 views

Varnish Cache CLI File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'metasploit/framework/tcp/client' require 'metasploit/framework/varnish/client' class MetasploitModule 'Varnish Cache CLI File Read', 'Description' = 'This modul...

7.5CVSS6.6AI score0.63824EPSS
Exploits7
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.216 views

Apple Airport Extreme Password Extraction (WDBRPC)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apple Airport Extreme Password Extraction WDBRPC', 'Description' = %q This module can be used to read the stored password of a vulnerable Apple...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.432 views

ColdFusion password.properties Hash Extraction

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "ColdFusion 'password.properties' Hash Extraction", 'Description' = %q This module uses a directory traversal vulnerability to extract information...

5CVSS7AI score0.74265EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.178 views

Apache Rave User Information Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Rave User Information Disclosure', 'Description' = %q This module exploits an information disclosure in Apache Rave 0.20 and prior. The...

4CVSS7AI score0.7322EPSS
Exploits10
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.185 views

Hashtable Collisions

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Hashtable Collisions', 'Description' = %q This module uses a denial-of-service DoS condition appearing in a variety of programming languages. Thi...

7.8CVSS7.3AI score0.83911EPSS
Exploits16
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.232 views

Cisco RV320/RV326 Configuration Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco RV320/RV326 Configuration Disclosure', 'Description' = %q A vulnerability in the web-based management interface of Cisco Small Business RV3...

7.5CVSS7.4AI score0.99876EPSS
Exploits19
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.360 views

Check Point Security Gateway Arbitrary File Read

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Check Point Security Gateway Arbitrary File Read', 'Description' = %q This module leverages an unauthenticated arbitrary root file read...

8.6CVSS7.2AI score0.99978EPSS
Exploits52
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.257 views

NTP Monitor List Scanner

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NTP Monitor List Scanner', 'Description' = %q This module identifies NTP servers which permit "monlist" queries and obtains the recent clients...

5CVSS7.4AI score0.97549EPSS
Exploits23
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.396 views

Microsoft Windows 7 / Server 2008 R2 SMB Client Infinite Loop

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Windows 7 / Server 2008 R2 SMB Client Infinite Loop', 'Description' = %q This module exploits a denial of service flaw in the Microsoft...

9.3CVSS7.4AI score0.30879EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.138 views

Dell OpenManage POST Request Heap Overflow (win32)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Dell OpenManage POST Request Heap Overflow win32', 'Description' = %q This module exploits a heap overflow in the Dell OpenManage Web Server...

5CVSS7AI score0.1583EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.172 views

IpSwitch WhatsUp Gold TFTP Directory Traversal

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "IpSwitch WhatsUp Gold TFTP Directory Traversal", 'Description' = %q This modules exploits a directory traversal vulnerability in IpSwitch WhatsUp...

7.8CVSS7AI score0.57601EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.338 views

NTP.org ntpd Reserved Mode Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NTP.org ntpd Reserved Mode Denial of Service', 'Description' = %q This module exploits a denial of service vulnerability within the NTP network...

6.4CVSS7.1AI score0.32288EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.282 views

Viproy CUCDM IP Phone XML Services Call Forwarding Tool

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rexml/document' class MetasploitModule 'Viproy CUCDM IP Phone XML Services - Call Forwarding Tool', 'Description' = %q The BVSMWeb portal in the web framework i...

7.5CVSS6.7AI score0.21879EPSS
Exploits4
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.181 views

Indusoft WebStudio NTWebServer Remote File Access

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Indusoft WebStudio NTWebServer Remote File Access', 'Description' = %q This module exploits a directory traversal vulnerability in Indusoft...

10CVSS7AI score0.32043EPSS
Exploits2
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.218 views

SysAid Help Desk Database Credentials Disclosure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'openssl' class MetasploitModule 'SysAid Help Desk Database Credentials Disclosure', 'Description' = %q This module exploits a vulnerability in SysAid Help Desk...

8.5CVSS7AI score0.86643EPSS
Exploits10
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.411 views

Apache Superset Signed Cookie Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Superset Signed Cookie Priv Esc', 'Description' = %q Apache Superset versions 'h00die', MSF module 'paradoxis', original flask-unsign tool...

9.8CVSS7.2AI score0.97405EPSS
Exploits20
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.244 views

Microsoft Windows Browser Pool Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Microsoft Windows Browser Pool DoS', 'Description' = %q This module exploits a denial of service flaw in the Microsoft Windows SMB service on...

10CVSS7AI score0.68084EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/08/31 12:0 a.m.392 views

VSFTPD 2.3.2 Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VSFTPD 2.3.2 Denial of Service', 'Description' = %q This module triggers a Denial of Service condition in the VSFTPD server in versions before...

4CVSS6.9AI score0.7332EPSS
Exploits9
Packet Storm
Packet Storm
added 2024/08/30 12:0 a.m.217 views

Webpay E-Commerce 1.0 Directory Traversal

============================================================================================================================================= | Title : Webpay E-Commerce v1.0 Directory traversal Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/30 12:0 a.m.194 views

WordPress SeatReg 1.54.0 Open Redirection

============================================================================================================================================= | Title : WordPress SeatReg plugin 1.54.0 open redirection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefo...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/30 12:0 a.m.216 views

Water Billing Management System 1.0 Cross Site Request Forgery / File Upload

============================================================================================================================================= | Title : Water Billing Management System 1.0 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0....

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/30 12:0 a.m.258 views

WordPress GetYourGuide Ticketing 1.0.6 Cross Site Scripting

============================================================================================================================================= | Title : WordPress GetYourGuide Ticketing plugin 1.0.6 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firef...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/30 12:0 a.m.1331 views

SPIP 4.2.6 Code Execution

============================================================================================================================================= | Title : SPIP 4.2.6 PHP Code execution Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0.1 64 bits |...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/30 12:0 a.m.200 views

WordPress WP Event Manager 3.1.44 Cross Site Scripting

============================================================================================================================================= | Title : WordPress WP Event Manager plugin 3.1.44 XSS Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/29 12:0 a.m.171 views

Online Appointment System 1.0 Insecure Settings

==================================================================================================================================== | Title : Online Appointment System v1.0 Insecure Settings Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 125.0.1...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/08/29 12:0 a.m.341 views

Microsoft Windows IPv6 CVE-2024-38063 Checker / Denial Of Service

!/usr/bin/env python3 -- coding: utf-8 -- Exploit Title: Windows IPv6 CVE-2024-38063 Checker and Denial-Of-Service Date: 2024-08-07 Exploit Author: Photubias Vendor Homepage: https://microsoft.com Vendor Advisory: 1 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38063 Version:...

9.8CVSS6.9AI score0.70564EPSS
Exploits24
Total number of security vulnerabilities50738