Search Hints

  • Try searching for a product or vendor.
  • Only vulnerabilities that match all search terms will be returned.
  • Enclose search terms in double quotes for an exact search.
  • For CVE searches, only enter the CVE-YYYY-XXXX code.

Displaying module details 21 - 30 of 3141 in total

ManageEngine ServiceDesk Plus Path Traversal Exploit

Disclosed: October 03, 2015

This module exploits an unauthenticated path traversal vulnerability found in ManageEngine ServiceDesk Plus build 9110 and lower. The module will retrieve any file on the filesystem with the same privileges as Support Center Plus is running. On Windows, files can be retrieved with SYSTEM privileges. The issue has been res...

Mac OS X 10.9.5 / 10.10.5 - rsh/libmalloc Privilege Escalation Exploit

Disclosed: October 01, 2015

This module writes to the sudoers file without root access by exploiting rsh and malloc log files. Makes sudo require no password, giving access to su even if root is disabled. Works on OS X 10.9.5 to 10.10.5 (patched on 10.11).

BisonWare BisonFTP Server 3.5 Directory Traversal Information Disclosure Exploit

Disclosed: September 28, 2015

This module exploits a directory traversal vulnerability found in BisonWare BisonFTP server version 3.5. This vulnerability allows an attacker to download arbitrary files from the server by crafting a RETR command including file system traversal strings such as '..//.'

PCMan FTP Server 2.0.7 Directory Traversal Information Disclosure Exploit

Disclosed: September 28, 2015

This module exploits a directory traversal vulnerability found in PCMan FTP Server 2.0.7. This vulnerability allows an attacker to download arbitrary files from the server by crafting a RETR command that includes file system traversal strings such as '..//'

Kaseya VSA uploader.aspx Arbitrary File Upload Exploit

Disclosed: September 23, 2015

This module exploits an arbitrary file upload vulnerability found in Kaseya VSA versions between 7 and 9.1. A malicious unauthenticated user can upload an ASP file to an arbitrary directory leading to arbitrary code execution with IUSR privileges. This module has been tested with Kaseya v7.0.0.17, v8.0.0.10 and v9.0.0.3.

Kaseya VSA Master Administrator Account Creation Exploit

Disclosed: September 23, 2015

This module abuses the setAccount page on Kaseya VSA between 7 and 9.1 to create a new Master Administrator account. Normally this page is only accessible via the localhost interface, but the application does nothing to prevent this apart from attempting to force a redirect. This module has been tested with Kaseya VSA v7....

Konica Minolta FTP Utility 1.00 Directory Traversal Information Disclosure Exploit

Disclosed: September 22, 2015

This module exploits a directory traversal vulnerability found in Konica Minolta FTP Utility 1.0. This vulnerability allows an attacker to download arbitrary files from the server by crafting a RETR command that includes file system traversal strings such as '..//'

ManageEngine OpManager Remote Code Execution Exploit

Disclosed: September 14, 2015

This module exploits a default credential vulnerability in ManageEngine OpManager, where a default hidden account "IntegrationUser" with administrator privileges exists. The account has a default password of "plugin" which can not be reset through the user interface. By log-in and abusing the default administrator's SQL q...

MS15-100 Microsoft Windows Media Center MCL Vulnerability Exploit

Disclosed: September 08, 2015

This module exploits a vulnerability in Windows Media Center. By supplying an UNC path in the *.mcl file, a remote file will be automatically downloaded, which can result in arbitrary code execution.

Simple Backdoor Shell Remote Code Execution Exploit

Disclosed: September 08, 2015

This module exploits unauthenticated simple web backdoor shells by leveraging the common backdoor shell's vulnerable parameter to execute commands. The SecLists project of Daniel Miessler and Jason Haddix has a lot of samples for these kind of backdoor shells which is categorized under Payloads.