Search Hints

  • Try searching for a product or vendor.
  • Only vulnerabilities that match all search terms will be returned.
  • Enclose search terms in double quotes for an exact search.
  • For CVE searches, only enter the CVE-YYYY-XXXX code.

Displaying module details 11 - 20 of 3011 in total

Novell ZENworks Configuration Management Arbitrary File Upload Exploit

Disclosed: April 07, 2015

This module exploits a file upload vulnerability in Novell ZENworks Configuration Management (ZCM, which is part of the ZENworks Suite). The vulnerability exists in the UploadServlet which accepts unauthenticated file uploads and does not check the "uid" parameter for directory traversal characters. This allows an attacke...

Ceragon FibeAir IP-10 SSH Private Key Exposure Exploit

Disclosed: April 01, 2015

Ceragon ships a public/private key pair on FibeAir IP-10 devices that allows passwordless authentication to any other IP-10 device. Since the key is easily retrievable, an attacker can use it to gain unauthorized remote access as the "mateidu" user.

Airties login-cgi Buffer Overflow Exploit

Disclosed: March 31, 2015

This module exploits a remote buffer overflow vulnerability on several Airties routers. The vulnerability exists in the handling of HTTP queries to the login cgi with long redirect parameters. The vulnerability doesn't require authentication. This module has been tested successfully on the AirTies_Air5650v3TT_FW_1.0.2.0.b...

Wordpress InBoundio Marketing PHP Upload Vulnerability Exploit

Disclosed: March 24, 2015

This module exploits an arbitrary file upload in the WordPress InBoundio Marketing version 2.0. It allows to upload arbitrary php files and get remote code execution. This module has been tested successfully on WordPress InBoundio Marketing 2.0.3 with Wordpress 4.1.3 on Ubuntu 14.04 Server.

Wordpress Work The Flow Upload Vulnerability Exploit

Disclosed: March 14, 2015

This module exploits an arbitrary PHP code upload in the WordPress Work The Flow plugin, version 2.5.2. The vulnerability allows for arbitrary file upload and remote code execution.

Solarwinds Firewall Security Manager 6.6.5 Client Session Handling Vulnerability Exploit

Disclosed: March 13, 2015

This module exploits multiple vulnerabilities found in Solarwinds Firewall Security Manager 6.6.5. The first vulnerability is an authentication bypass via the Change Advisor interface due to a user-controlled session.putValue API in userlogin.jsp, allowing the attacker to set the 'username' attribute before authentication...

Adobe Flash Player NetConnection Type Confusion Exploit

Disclosed: March 12, 2015

This module exploits a type confusion vulnerability in the NetConnection class on Adobe Flash Player. When using a correct memory layout this vulnerability allows to corrupt arbitrary memory. It can be used to overwrite dangerous objects, like vectors, and finally accomplish remote code execution. This module has been tes...