Search Hints

  • Try searching for a product or vendor.
  • Only vulnerabilities that match all search terms will be returned.
  • Enclose search terms in double quotes for an exact search.
  • For CVE searches, only enter the CVE-YYYY-XXXX code.

Displaying module details 1 - 10 of 2847 in total

Generic Web Application DLL Injection Exploit

Disclosed: March 04, 2015

This is a general-purpose module for exploiting conditions where a HTTP request triggers a DLL load from an specified SMB share. This module serves payloads as DLLs over an SMB service and allows an arbitrary HTTP URL to be called that would trigger the load of the DLL.

Generic DLL Injection From Shared Resource Exploit

Disclosed: March 04, 2015

This is a general-purpose module for exploiting conditions where a DLL can be loaded from an specified SMB share. This module serves payloads as DLLs over an SMB service.

PHPMoAdmin 1.1.2 Remote Code Execution Exploit

Disclosed: March 03, 2015

This module exploits an arbitrary PHP command execution vulnerability due to a dangerous use of eval() in PHPMoAdmin.

Seagate Business NAS Unauthenticated Remote Command Execution Exploit

Disclosed: March 01, 2015

Some Seagate Business NAS devices are vulnerable to command execution via a local file include vulnerability hidden in the language parameter of the CodeIgniter session cookie. The vulnerability manifests in the way the language files are included in the code on the login page, and hence is open to attack from users ...

WordPress Admin Shell Upload Exploit

Disclosed: February 21, 2015

This module will generate a plugin, pack the payload into it and upload it to a server running WordPress providing valid admin credentials are used.

Javascript Injection for Eval-based Unpackers Exploit

Disclosed: February 18, 2015

This module generates a Javascript file that executes arbitrary code when an eval-based unpacker is run on it. Works against js-beautify's P_A_C_K_E_R unpacker.

Maarch LetterBox Unrestricted File Upload Exploit

Disclosed: February 11, 2015

This module exploits a file upload vulnerability on Maarch LetterBox 2.8 due to a lack of session and file validation in the file_to_index.php script. It allows unauthenticated users to upload files of any type and subsequently execute PHP scripts in the context of the web server.

WordPress Holding Pattern Theme Arbitrary File Upload Exploit

Disclosed: February 11, 2015

This module exploits a file upload vulnerability in all versions of the Holding Pattern theme found in the upload_file.php script which contains no session or file validation. It allows unauthenticated users to upload files of any type and subsequently execute PHP scripts in the context of the web server.

WordPress Ultimate CSV Importer User Table Extract Exploit

Disclosed: February 02, 2015

Due to lack of verification of a visitor's permissions, it is possible to execute the 'export.php' script included in the default installation of the Ultimate CSV Importer plugin and retrieve the full contents of the user table in the WordPress installation. This results in full disclosure of usernames, hashed pas...