• Close
  • Exploit Database

    The Rapid7 Exploit Database is an archive of Metasploit modules for publicly known exploits, 0days, remote exploits, shellcode, and more for researches and penetration testers to review. 3,000 plus modules are all available with relevant links to other technical documentation and source code. All of the modules included in the Exploit Database are also included in the Metasploit framework and utilized by our penetration testing tool, Metasploit Pro.

    Displaying module details 41 - 50 of 3259 in total

    HTTP Client Information Gather Exploit

    Disclosed: March 22, 2016

    This module gathers information about a browser that exploits might be interested in, such as OS name, browser version, plugins, etc. By default, the module will return a fake 404, but you can customize this output by changing the Custom404 datastore option, and redirect to an external web page.

    MS16-032 Secondary Logon Handle Privilege Escalation Exploit

    Disclosed: March 21, 2016

    This module exploits the lack of sanitization of standard handles in Windows' Secondary Logon Service. The vulnerability is known to affect versions of Windows 7-10 and 2k8-2k12 32 and 64 bit. This module will only work against those versions of Windows with Powershell 2.0 or later and systems with two or more CPU cores.

    Kaltura Remote PHP Code Execution Exploit

    Disclosed: March 15, 2016

    This module exploits an Object Injection vulnerability in Kaltura. By exploiting this vulnerability, unauthenticated users can execute arbitrary code under the context of the web server user. Kaltura has a module named keditorservices that takes user input and then uses it as an unserialized function parameter. T...

    Exim "perl_startup" Privilege Escalation Exploit

    Disclosed: March 10, 2016

    This module exploits a Perl injection vulnerability in Exim < 4.86.2 given the presence of the "perl_startup" configuration parameter.

    Nagios XI Chained Remote Code Execution Exploit

    Disclosed: March 06, 2016

    This module exploits an SQL injection, auth bypass, file upload, command injection, and privilege escalation in Nagios XI <= 5.2.7 to pop a root shell.

    Apache Jetspeed Arbitrary File Upload Exploit

    Disclosed: March 06, 2016

    This module exploits the unsecured User Manager REST API and a ZIP file path traversal in Apache Jetspeed-2, version 2.3.0 and unknown earlier versions, to upload and execute a shell. Note: this exploit will create, use, and then delete a new admin user. Warning: in testing, exploiting the file upload clobbered ...

    ATutor 2.2.1 SQL Injection / Remote Code Execution Exploit

    Disclosed: March 01, 2016

    This module exploits a SQL Injection vulnerability and an authentication weakness vulnerability in ATutor. This essentially means an attacker can bypass authentication and reach the administrator's interface where they can upload malicious code.

    Ruby on Rails ActionPack Inline ERB Code Execution Exploit

    Disclosed: March 01, 2016

    This module exploits a remote code execution vulnerability in the inline request processor of the Ruby on Rails ActionPack component. This vulnerability allows an attacker to process ERB to the inline JSON processor, which is then rendered, permitting full RCE within the runtime, without logging an error condition.

    ATutor 2.2.1 Directory Traversal / Remote Code Execution Exploit

    Disclosed: March 01, 2016

    This module exploits a directory traversal vulnerability in ATutor on an Apache/PHP setup with display_errors set to On, which can be used to allow us to upload a malicious ZIP file. On the web application, a blacklist verification is performed before extraction, however it is not sufficient to prevent exploitation. ...

    Centreon Web Useralias Command Execution Exploit

    Disclosed: February 26, 2016

    Centreon Web Interface <= 2.5.3 utilizes an ECHO for logging SQL errors. This functionality can be abused for arbitrary code execution, and can be triggered via the login screen prior to authentication.