Search Hints

  • Try searching for a product or vendor.
  • Only vulnerabilities that match all search terms will be returned.
  • Enclose search terms in double quotes for an exact search.
  • For CVE searches, only enter the CVE-YYYY-XXXX code.

Displaying module details 11 - 20 of 3142 in total

Oracle BeeHive 2 voice-servlet prepareAudioToPlay() Arbitrary File Upload Exploit

Disclosed: November 10, 2015

This module exploits a vulnerability found in Oracle BeeHive. The prepareAudioToPlay method found in voice-servlet can be abused to write a malicious file onto the target machine, and gain remote arbitrary code execution under the context of SYSTEM. Authentication is not required to exploit this vulnerability.

vBulletin 5.1.2 Unserialize Code Execution Exploit

Disclosed: November 04, 2015

This module exploits a PHP object injection vulnerability in vBulletin 5.1.2 to 5.1.9

Atlassian HipChat for Jira Plugin Velocity Template Injection Exploit

Disclosed: October 28, 2015

Atlassian Hipchat is a web service for internal instant messaging. A plugin is available for Jira that allows team collibration at real time. A message can be used to inject Java code into a Velocity template, and gain code exeuction as Jira. Authentication is required to exploit this vulnerability, and you must make sure...

China Chopper Caidao PHP Backdoor Code Execution Exploit

Disclosed: October 27, 2015

This module takes advantage of the China Chopper Webshell that is commonly used by Chinese hackers.

Joomla Content History SQLi Remote Code Execution Exploit

Disclosed: October 23, 2015

This module exploits a SQL injection vulnerability found in Joomla versions 3.2 up to 3.4.4. The vulnerability exists in the Content History administrator component in the core of Joomla. Triggering the SQL injection makes it possible to retrieve active Super User sessions. The cookie can be used to login to the J...

Joomla com_contenthistory Error-Based SQL Injection Exploit

Disclosed: October 22, 2015

This module exploits a SQL injection vulnerability in Joomla versions 3.2 through 3.4.4 in order to either enumerate usernames and password hashes.

Joomla Real Estate Manager Component Error-Based SQL Injection Exploit

Disclosed: October 22, 2015

This module exploits a SQL injection vulnerability in Joomla Plugin com_realestatemanager versions 3.7 in order to either enumerate usernames and password hashes.

Safari User-Assisted Applescript Exec Attack Exploit

Disclosed: October 16, 2015

In versions of Mac OS X before 10.11.1, the applescript:// URL scheme is provided, which opens the provided script in the Applescript Editor. Pressing cmd-R in the Editor executes the code without any additional confirmation from the user. By getting the user to press cmd-R in Safari, and by hooking the cmd-key ke...

Limesurvey Unauthenticated File Download Exploit

Disclosed: October 12, 2015

This module exploits an unauthenticated file download vulnerability in limesurvey between 2.0+ and 2.06+ Build 151014. The file is downloaded as a ZIP and unzipped automatically, thus binary files can be downloaded.

Wordpress Ajax Load More PHP Upload Vulnerability Exploit

Disclosed: October 10, 2015

This module exploits an arbitrary file upload in the WordPress Ajax Load More version 2.8.1.1. It allows to upload arbitrary php files and get remote code execution. This module has been tested successfully on WordPress Ajax Load More 2.8.0 with Wordpress 4.1.3 on Ubuntu 12.04/14.04 Server.