• Close
  • Exploit Database

    The Rapid7 Exploit Database is an archive of Metasploit modules for publicly known exploits, 0days, remote exploits, shellcode, and more for researches and penetration testers to review. 3,000 plus modules are all available with relevant links to other technical documentation and source code. All of the modules included in the Exploit Database are also included in the Metasploit framework and utilized by our penetration testing tool, Metasploit Pro.

    Displaying module details 31 - 40 of 3238 in total

    Ruby on Rails ActionPack Inline ERB Code Execution Exploit

    Disclosed: March 01, 2016

    This module exploits a remote code execution vulnerability in the inline request processor of the Ruby on Rails ActionPack component. This vulnerability allows an attacker to process ERB to the inline JSON processor, which is then rendered, permitting full RCE within the runtime, without logging an error condition.

    ATutor 2.2.1 Directory Traversal / Remote Code Execution Exploit

    Disclosed: March 01, 2016

    This module exploits a directory traversal vulnerability in ATutor on an Apache/PHP setup with display_errors set to On, which can be used to allow us to upload a malicious ZIP file. On the web application, a blacklist verification is performed before extraction, however it is not sufficient to prevent exploitation. ...

    Ubiquiti airOS Arbitrary File Upload Exploit

    Disclosed: February 13, 2016

    This module exploits a pre-auth file upload to install a new root user to /etc/passwd and an SSH key to /etc/dropbear/authorized_keys. FYI, /etc/{passwd,dropbear/authorized_keys} will be overwritten. /etc/persistent/rc.poststart will be overwritten if PERSIST_ETC is true. This method is used by the "mf" malware ...

    Apache Karaf Default Credentials Command Execution Exploit

    Disclosed: February 09, 2016

    This module exploits a default misconfiguration flaw on Apache Karaf versions 2.x-4.x. The 'karaf' user has a known default password, which can be used to login to the SSH service, and execute operating system commands from remote.

    Apache Karaf Default Credentials Command Execution Exploit

    Disclosed: February 09, 2016

    This module exploits a default misconfiguration flaw on Apache Karaf versions 2.x-4.x. The 'karaf' user has a known default password, which can be used to login to the SSH service, and execute operating system commands from remote.

    MS16-016 mrxdav.sys WebDav Local Privilege Escalation Exploit

    Disclosed: February 09, 2016

    This module exploits the vulnerability in mrxdav.sys described by MS16-016. The module will spawn a process on the target system and elevate it's privileges to NT AUTHORITY\SYSTEM before executing the specified payload within the context of the elevated process.

    Advantech WebAccess Dashboard Viewer uploadImageCommon Arbitrary File Upload Exploit

    Disclosed: February 05, 2016

    This module exploits an arbitrary file upload vulnerability found in Advantech WebAccess 8.0. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the WebAc...

    NETGEAR ProSafe Network Management System 300 Arbitrary File Upload Exploit

    Disclosed: February 04, 2016

    Netgear's ProSafe NMS300 is a network management utility that runs on Windows systems. The application has a file upload vulnerability that can be exploited by an unauthenticated remote attacker to execute code as the SYSTEM user. Two servlets are vulnerable, FileUploadController (located at /lib-1.0/external/flas...

    NETGEAR ProSafe Network Management System 300 Authenticated File Download Exploit

    Disclosed: February 04, 2016

    Netgear's ProSafe NMS300 is a network management utility that runs on Windows systems. The application has a file download vulnerability that can be exploited by an authenticated remote attacker to download any file in the system.. This module has been tested with versions 1.5.0.2, 1.4.0.17 and 1.1.0.13.

    Oracle ATS Arbitrary File Upload Exploit

    Disclosed: January 20, 2016

    This module exploits an authentication bypass and arbitrary file upload in Oracle Application Testing Suite (OATS), version 12.4.0.2.0 and unknown earlier versions, to upload and execute a JSP shell.