• Close
  • Exploit Database

    The Rapid7 Exploit Database is an archive of Metasploit modules for publicly known exploits, 0days, remote exploits, shellcode, and more for researches and penetration testers to review. 3,000 plus modules are all available with relevant links to other technical documentation and source code. All of the modules included in the Exploit Database are also included in the Metasploit framework and utilized by our penetration testing tool, Metasploit Pro.

    Displaying module details 11 - 20 of 3259 in total

    Drupal CODER Module Remote Command Execution Exploit

    Disclosed: July 13, 2016

    This module exploits a Remote Command Execution vulnerability in the Drupal CODER Module. Unauthenticated users can execute arbitrary commands under the context of the web server user. The CODER module doesn't sufficiently validate user inputs in a script file that has the PHP extension. A malicious unauthenticat...

    Drupal RESTWS Module Remote PHP Code Execution Exploit

    Disclosed: July 13, 2016

    This module exploits a Remote PHP Code Execution vulnerability in the Drupal RESTWS Module. Unauthenticated users can execute arbitrary code under the context of the web server user. RESTWS alters the default page callbacks for entities to provide additional functionality. A vulnerability in this approach allows ...

    Tiki Wiki Unauthenticated File Upload Vulnerability Exploit

    Disclosed: July 11, 2016

    This module exploits a file upload vulnerability in Tiki Wiki <= 15.1 which could be abused to allow unauthenticated users to execute arbitrary code under the context of the web server user. The issue comes with one of the 3rd party components. Name of that components is ELFinder -version 2.0-. This components co...

    NetBSD mail.local Privilege Escalation Exploit

    Disclosed: July 07, 2016

    This module attempts to exploit a race condition in mail.local with SUID bit set on: NetBSD 7.0 - 7.0.1 (verified on 7.0.1) NetBSD 6.1 - 6.1.5 NetBSD 6.0 - 6.0.6 Successful exploitation relies on a crontab job with root privilege, which may take up to 10min to execute.

    WebNMS Framework Server Arbitrary File Upload Exploit

    Disclosed: July 04, 2016

    This module abuses a vulnerability in WebNMS Framework Server 5.2 that allows an unauthenticated user to upload text files by using a directory traversal attack on the FileUploadServlet servlet. A JSP file can be uploaded that then drops and executes a malicious payload, achieving code execution under the user which the WebNMS server is running....

    WebNMS Framework Server Credential Disclosure Exploit

    Disclosed: July 04, 2016

    This module abuses two vulnerabilities in WebNMS Framework Server 5.2 to extract all user credentials. The first vulnerability is a unauthenticated file download in the FetchFile servlet, which is used to download the file containing the user credentials. The second vulnerability is that the the passwords in the file are obfuscated with a very w...

    WebNMS Framework Server Arbitrary Text File Download Exploit

    Disclosed: July 04, 2016

    This module abuses a vulnerability in WebNMS Framework Server 5.2 that allows an unauthenticated user to download files off the file system by using a directory traversal attack on the FetchFile servlet. Note that only text files can be downloaded properly, as any binary file will get mangled by the servlet. Also note that for Windows targets yo...

    Phoenix Exploit Kit Remote Code Execution Exploit

    Disclosed: July 01, 2016

    This module exploits a Remote Code Execution in the web panel of Phoenix Exploit Kit via geoip.php. The Phoenix Exploit Kit is a popular commercial crimeware tool that probes the browser of the visitor for the presence of outdated and insecure versions of browser plugins like Java and Adobe Flash and Reader, silently inst...

    Docker Daemon Privilege Escalation Exploit

    Disclosed: June 28, 2016

    This module obtains root privileges from any host account with access to the Docker daemon. Usually this includes accounts in the `docker` group.

    Riverbed SteelCentral NetProfiler/NetExpress Remote Code Execution Exploit

    Disclosed: June 27, 2016

    This module exploits three separate vulnerabilities found in the Riverbed SteelCentral NetProfiler/NetExpress virtual appliances to obtain remote command execution as the root user. A SQL injection in the login form can be exploited to add a malicious user into the application's database. An attacker can then exploit a co...