Exploit Database

The Rapid7 Exploit Database is an archive of Metasploit modules for publicly known exploits, 0days, remote exploits, shellcode, and more for researches and penetration testers to review. 3,000 plus modules are all available with relevant links to other technical documentation and source code. All of the modules included in the Exploit Database are also included in the Metasploit framework and utilized by our penetration testing tool, Metasploit Pro.


Displaying module details 111 - 120 of 3837 in total

Ayukov NFTP FTP Client Buffer Overflow Exploit

Disclosed: October 21, 2017

This module exploits a stack-based buffer overflow vulnerability against Ayukov NFTPD FTP Client 2.0 and earlier. By responding with a long string of data for the SYST request, it is possible to cause a denail-of-service condition on the FTP client, or arbitrary remote code exeuction under the context of the user if...

Oracle WebLogic wls-wsat Component Deserialization RCE Exploit

Disclosed: October 19, 2017

The Oracle WebLogic WLS WSAT Component is vulnerable to a XML Deserialization remote code execution vulnerability. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Discovered by Alexey Tyurin of ERPScan and Federico Dotta of Media Service. Please note that SRVHOST, SRVPORT, ...

Microsoft Office DDE Payload Delivery Exploit

Disclosed: October 09, 2017

This module generates an DDE command to place within a word document, that when executed, will retrieve a HTA payload via HTTP from an web server.

Easy Chat Server User Registeration Buffer Overflow (SEH) Exploit

Disclosed: October 09, 2017

This module exploits a buffer overflow during user registration in Easy Chat Server software.

Trend Micro OfficeScan Remote Code Execution Exploit

Disclosed: October 07, 2017

This module exploits the authentication bypass and command injection vulnerability together. Unauthenticated users can execute a terminal command under the context of the web server user. The specific flaw exists within the management interface, which listens on TCP port 443 by default. The Trend Micro Officescan product ...

Trend Micro InterScan Messaging Security (Virtual Appliance) Remote Code Execution Exploit

Disclosed: October 07, 2017

This module exploits the authentication bypass and command injection vulnerability together. Unauthenticated users can execute a terminal command under the context of the web server user. The specific flaw exists within the management interface, which listens on TCP port 443 by default. Trend Micro IMSVA product have wid...

HP Intelligent Management Java Deserialization RCE Exploit

Disclosed: October 03, 2017

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WebDMDebugServlet, which listens on TCP ports 8080 and 8443 by ...

Tomcat RCE via JSP Upload Bypass Exploit

Disclosed: October 03, 2017

This module uploads a jsp payload and executes it.

phpCollab 2.5.1 Unauthenticated File Upload Exploit

Disclosed: September 29, 2017

This module exploits a file upload vulnerability in phpCollab 2.5.1 which could be abused to allow unauthenticated users to execute arbitrary code under the context of the web server user. The exploit has been tested on Ubuntu 16.04.3 64-bit

CyberLink LabelPrint 2.5 Stack Buffer Overflow Exploit

Disclosed: September 23, 2017

This module exploits a stack buffer overflow in CyberLink LabelPrint 2.5 and below. The vulnerability is triggered when opening a .lpp project file containing overly long string characters via open file menu. This results in overwriting a structured exception handler record and take over the application. This module has b...