• Close
  • Exploit Database

    The Rapid7 Exploit Database is an archive of Metasploit modules for publicly known exploits, 0days, remote exploits, shellcode, and more for researches and penetration testers to review. 3,000 plus modules are all available with relevant links to other technical documentation and source code. All of the modules included in the Exploit Database are also included in the Metasploit framework and utilized by our penetration testing tool, Metasploit Pro.

    Displaying module details 1 - 10 of 3257 in total

    Internet Explorer Iframe Sandbox File Name Disclosure Vulnerability Exploit

    Disclosed: August 09, 2016

    It was found that Internet Explorer allows the disclosure of local file names. This issue exists due to the fact that Internet Explorer behaves different for file:// URLs pointing to existing and non-existent files. When used in combination with HTML5 sandbox iframes it is possible to use this behavior to find out...

    DLL Side Loading Vulnerability in VMware Host Guest Client Redirector Exploit

    Disclosed: August 05, 2016

    A DLL side loading vulnerability was found in the VMware Host Guest Client Redirector, a component of VMware Tools. This issue can be exploited by luring a victim into opening a document from the attacker's share. An attacker can exploit this issue to execute arbitrary code with the privileges of the target user. This can poten...

    Samsung Security Manager 1.5 ActiveMQ Broker Service PUT Method Remote Code Execution Exploit

    Disclosed: August 05, 2016

    This is an exploit against Samsung Security Manager that bypasses the patch in CVE-2015-3435 by exploiting the vulnerability against the client side. This exploit has been tested successfully against IE, FireFox and Chrome by abusing a GET request XSS to bypass CORS and reach the vulnerable PUT. Finally, a traversal is us...

    NUUO NVRmini 2 / NETGEAR ReadyNAS Surveillance Default Configuration Load and Administrator Password Reset Exploit

    Disclosed: August 04, 2016

    The NVRmini 2 Network Video Recorded and the ReadyNAS Surveillance application are vulnerable to an administrator password reset on the exposed web management interface. Note that this only works for unauthenticated attackers in earlier versions of the Nuuo firmware (before v1.7.6), otherwise you need an administrative us...

    NUUO NVRmini 2 / Crystal / NETGEAR ReadyNAS Surveillance Authenticated Remote Code Execution Exploit

    Disclosed: August 04, 2016

    The NVRmini 2 Network Video Recorder, Crystal NVR and the ReadyNAS Surveillance application are vulnerable to an authenticated remote code execution on the exposed web administration interface. An administrative account is needed to exploit this vulnerability. This results in code execution as root in the NVRmini and the ...

    NUUO NVRmini 2 / NETGEAR ReadyNAS Surveillance Unauthenticated Remote Code Execution Exploit

    Disclosed: August 04, 2016

    The NVRmini 2 Network Video Recorder and the ReadyNAS Surveillance application are vulnerable to an unauthenticated remote code execution on the exposed web administration interface. This results in code execution as root in the NVRmini and the 'admin' user in ReadyNAS. This exploit has been tested on several versions of ...

    SMB Delivery Exploit

    Disclosed: July 26, 2016

    This module serves payloads via an SMB server and provides commands to retrieve and execute the generated payloads. Currently supports DLLs and Powershell.

    Drupal CODER Module Remote Command Execution Exploit

    Disclosed: July 13, 2016

    This module exploits a Remote Command Execution vulnerability in the Drupal CODER Module. Unauthenticated users can execute arbitrary commands under the context of the web server user. The CODER module doesn't sufficiently validate user inputs in a script file that has the PHP extension. A malicious unauthenticat...

    Drupal RESTWS Module Remote PHP Code Execution Exploit

    Disclosed: July 13, 2016

    This module exploits a Remote PHP Code Execution vulnerability in the Drupal RESTWS Module. Unauthenticated users can execute arbitrary code under the context of the web server user. RESTWS alters the default page callbacks for entities to provide additional functionality. A vulnerability in this approach allows ...

    Tiki Wiki Unauthenticated File Upload Vulnerability Exploit

    Disclosed: July 11, 2016

    This module exploits a file upload vulnerability in Tiki Wiki <= 15.1 which could be abused to allow unauthenticated users to execute arbitrary code under the context of the web server user. The issue comes with one of the 3rd party components. Name of that components is ELFinder -version 2.0-. This components co...