• Close
  • Exploit Database

    The Rapid7 Exploit Database is an archive of Metasploit modules for publicly known exploits, 0days, remote exploits, shellcode, and more for researches and penetration testers to review. 3,000 plus modules are all available with relevant links to other technical documentation and source code. All of the modules included in the Exploit Database are also included in the Metasploit framework and utilized by our penetration testing tool, Metasploit Pro.

    Displaying module details 21 - 30 of 3257 in total

    Apache Struts REST Plugin With Dynamic Method Invocation Remote Code Execution Exploit

    Disclosed: June 01, 2016

    This module exploits a remote command execution vulnerability in Apache Struts version between 2.3.20 and 2.3.28 (except 2.3.20.2 and 2.3.24.2). Remote Code Execution can be performed when using REST Plugin with ! operator when Dynamic Method Invocation is enabled.

    Magento 2.0.6 Unserialize Remote Code Execution Exploit

    Disclosed: May 17, 2016

    This module exploits a PHP object injection vulnerability in Magento 2.0.6 or prior.

    Internet Explorer 11 VBScript Engine Memory Corruption Exploit

    Disclosed: May 10, 2016

    This module exploits the memory corruption vulnerability (CVE-2016-0189) present in the VBScript engine of Internet Explorer 11.

    IPFire proxy.cgi RCE Exploit

    Disclosed: May 04, 2016

    IPFire, a free linux based open source firewall distribution, version < 2.19 Update Core 101 contains a remote command execution vulnerability in the proxy.cgi page.

    WordPress Ninja Forms Unauthenticated File Upload Exploit

    Disclosed: May 04, 2016

    Versions 2.9.36 to 2.9.42 of the Ninja Forms plugin contain an unauthenticated file upload vulnerability, allowing guests to upload arbitrary PHP code that can be executed in the context of the web server.

    ImageMagick Delegate Arbitrary Command Execution Exploit

    Disclosed: May 03, 2016

    This module exploits a shell command injection in the way "delegates" (commands for converting files) are processed in ImageMagick versions <= 7.0.1-0 and <= 6.9.3-9 (legacy). Since ImageMagick uses file magic to detect file format, you can create a .png (for example) which is actually a crafted SVG (for example)...

    Allwinner 3.4 Legacy Kernel Local Privilege Escalation Exploit

    Disclosed: April 30, 2016

    This module attempts to exploit a debug backdoor privilege escalation in Allwinner SoC based devices. Vulnerable Allwinner SoC chips: H3, A83T or H8 which rely on Kernel 3.4 Vulnerable OS: all OS images available for Orange Pis, any for FriendlyARM's NanoPi M1, SinoV...

    Apache Struts Dynamic Method Invocation Remote Code Execution Exploit

    Disclosed: April 27, 2016

    This module exploits a remote command execution vulnerability in Apache Struts version between 2.3.20 and 2.3.28 (except 2.3.20.2 and 2.3.24.2). Remote Code Execution can be performed via method: prefix when Dynamic Method Invocation is enabled.

    Apache Struts Dynamic Method Invocation Remote Code Execution Exploit

    Disclosed: April 27, 2016

    This module exploits a remote command execution vulnerability in Apache Struts version between 2.3.20 and 2.3.28 (except 2.3.20.2 and 2.3.24.2). Remote Code Execution can be performed via method: prefix when Dynamic Method Invocation is enabled.

    Regsvr32.exe (.sct) Application Whitelisting Bypass Server Exploit

    Disclosed: April 19, 2016

    This module simplifies the Regsvr32.exe Application Whitelisting Bypass technique. The module creates a web server that hosts an .sct file. When the user types the provided regsvr32 command on a system, regsvr32 will request the .sct file and then execute the included PowerShell command. This command then downloads and ex...