Search Hints

  • Try searching for a product or vendor.
  • Only vulnerabilities that match all search terms will be returned.
  • Enclose search terms in double quotes for an exact search.
  • For CVE searches, only enter the CVE-YYYY-XXXX code.

Displaying module details 11 - 20 of 3028 in total

HTTP Client Automatic Exploiter 2 (Browser Autopwn) Exploit

Disclosed: July 05, 2015

This module will automatically serve browser exploits. Here are the options you can configure: The Include option allows you to specify the kind of exploits to be loaded. For example, if you wish to load just Adobe Flash exploits, then you can set Include to 'adobe_flash'. The Exclude option will ignore exploits...

Adobe Flash Player Nellymoser Audio Decoding Buffer Overflow Exploit

Disclosed: June 23, 2015

This module exploits a buffer overflow on Adobe Flash Player when handling nellymoser encoded audio inside a FLV video, as exploited in the wild on June 2015. This module has been tested successfully on: Windows 7 SP1 (32-bit), IE11 and Adobe Flash 18.0.0.160, Windows 7 SP1 (32-bit), Firefox 38.0.5 and Adobe Flas...

D-Link Cookie Command Execution Exploit

Disclosed: June 12, 2015

This module exploits an anonymous remote upload and code execution vulnerability on different D-Link devices. The vulnerability is a command injection in the cookie handling process of the lighttpd web server when handling specially crafted cookie values. This module has been successfully tested on D-Link DSP-W110A1_FW105...

SysAid Help Desk Administrator Portal Arbitrary File Upload Exploit

Disclosed: June 03, 2015

This module exploits a file upload vulnerability in SysAid Help Desk. The vulnerability exists in the ChangePhoto.jsp in the administrator portal, which does not correctly handle directory traversal sequences and does not enforce file extension restrictions. While an attacker needs an administrator account in orde...

SysAid Help Desk 'rdslogs' Arbitrary File Upload Exploit

Disclosed: June 03, 2015

This module exploits a file upload vulnerability in SysAid Help Desk v14.3 and v14.4. The vulnerability exists in the RdsLogsEntry servlet which accepts unauthenticated file uploads and handles zip file contents in a insecure way. By combining both weaknesses, a remote attacker can accomplish remote code execution. Note t...

SysAid Help Desk Database Credentials Disclosure Exploit

Disclosed: June 03, 2015

This module exploits a vulnerability in SysAid Help Desk that allows an unauthenticated user to download arbitrary files from the system. This is used to download the server configuration file that contains the database username and password, which is encrypted with a fixed, known key. This module has been tested with Sys...

SysAid Help Desk Administrator Account Creation Exploit

Disclosed: June 03, 2015

This module exploits a vulnerability in SysAid Help Desk that allows an unauthenticated user to create an administrator account. Note that this exploit will only work once. Any subsequent attempts will fail. On the other hand, the credentials must be verified manually. This module has been tested on SysAid 14.4 in Windows...

SysAid Help Desk Arbitrary File Download Exploit

Disclosed: June 03, 2015

This module exploits two vulnerabilities in SysAid Help Desk that allows an unauthenticated user to download arbitrary files from the system. First, an information disclosure vulnerability (CVE-2015-2997) is used to obtain the file system path, and then we abuse a directory traversal (CVE-2015-2996) to download th...

Adobe Flash Player Drawing Fill Shader Memory Corruption Exploit

Disclosed: May 12, 2015

This module exploits a memory corruption happening when applying a Shader as a drawing fill as exploited in the wild on June 2015. This module has been tested successfully on: Windows 7 SP1 (32-bit), IE11 and Adobe Flash 17.0.0.188, Windows 7 SP1 (32-bit), Firefox 38.0.5 and Adobe Flash 17.0.0.188, Windows 8.1, F...

Adobe Flash Player ShaderJob Buffer Overflow Exploit

Disclosed: May 12, 2015

This module exploits a buffer overflow vulnerability related to the ShaderJob workings on Adobe Flash Player. The vulnerability happens when trying to apply a Shader setting up the same Bitmap object as src and destination of the ShaderJob. Modifying the "width" attribute of the ShaderJob after starting the job it's possi...