Search Hints

  • Try searching for a product or vendor.
  • Only vulnerabilities that match all search terms will be returned.
  • Enclose search terms in double quotes for an exact search.
  • For CVE searches, only enter the CVE-YYYY-XXXX code.

Displaying module details 31 - 40 of 3143 in total

MS15-100 Microsoft Windows Media Center MCL Vulnerability Exploit

Disclosed: September 08, 2015

This module exploits a vulnerability in Windows Media Center. By supplying an UNC path in the *.mcl file, a remote file will be automatically downloaded, which can result in arbitrary code execution.

Simple Backdoor Shell Remote Code Execution Exploit

Disclosed: September 08, 2015

This module exploits unauthenticated simple web backdoor shells by leveraging the common backdoor shell's vulnerable parameter to execute commands. The SecLists project of Daniel Miessler and Jason Haddix has a lot of samples for these kind of backdoor shells which is categorized under Payloads.

F5 iControl iCall::Script Root Command Execution Exploit

Disclosed: September 03, 2015

This module exploits an authenticated privilege escalation vulnerability in the iControl API on the F5 BIG-IP LTM (and likely other F5 devices). This requires valid credentials and the Resource Administrator role. The exploit should work on BIG-IP 11.3.0 - 11.6.0, (11.5.x < 11.5.3 HF2 or 11.6.x < 11.6.0 HF...

Nibbleblog File Upload Vulnerability Exploit

Disclosed: September 01, 2015

Nibbleblog contains a flaw that allows a authenticated remote attacker to execute arbitrary PHP code. This module was tested on version 4.0.3.

phpFileManager 0.9.8 Remote Code Execution Exploit

Disclosed: August 28, 2015

This module exploits a remote code execution vulnerability in phpFileManager 0.9.8 which is a filesystem management tool on a single file.

Konica Minolta FTP Utility 1.00 Post Auth CWD Command SEH Overflow Exploit

Disclosed: August 23, 2015

This module exploits an SEH overflow in Konica Minolta FTP Server 1.00. Konica Minolta FTP fails to check input size when parsing 'CWD' commands, which leads to an SEH overflow. Konica FTP allows anonymous access by default; valid credentials are typically unnecessary to exploit this vulnerability.

Windows Escalate UAC Protection Bypass (ScriptHost Vulnerability) Exploit

Disclosed: August 22, 2015

This module will bypass Windows UAC by utilizing the missing .manifest on the script host cscript/wscript.exe binaries.

ManageEngine ServiceDesk Plus Arbitrary File Upload Exploit

Disclosed: August 20, 2015

This module exploits a file upload vulnerability in ManageEngine ServiceDesk Plus. The vulnerability exists in the FileUploader servlet which accepts unauthenticated file uploads. This module has been tested successfully on versions v9 b9000 - b9102 in Windows and Linux. The MSP versions do not expose the vulnerable servlet.

CMS Bolt File Upload Vulnerability Exploit

Disclosed: August 17, 2015

Bolt CMS contains a flaw that allows an authenticated remote attacker to execute arbitrary PHP code. This module was tested on version 2.2.4.

Mac OS X "tpwn" Privilege Escalation Exploit

Disclosed: August 16, 2015

This module exploits a null pointer dereference in XNU to escalate privileges to root. Tested on 10.10.4 and 10.10.5.