Exploits & CVE's

Authored by indoushka Online Musical Instrument Shop IN version 1.0 suffers from a cross site scripting vulnerability. Change Mirror Download ====================================================================================================================================================| # Title : Online Musical Instrument Shop...

Authored by Luigi Auriemma, juan vazquez | Site metasploit.com This Metasploit module exploits a directory traversal in the ZENworks Configuration Management. The vulnerability exists in the Preboot service and can...

Authored by Jay Turla | Site metasploit.com This Metasploit module can be used to discover DNS servers which expose recursive name lookups which can be used in an amplification attack...

Authored by jcran, The Light Cosine | Site metasploit.com This Metasploit module exploits a password bypass vulnerability in MySQL in order to extract the usernames and encrypted password hashes from...

Authored by wvu, operator8203 | Site metasploit.com This Metasploit module scans for the Fortinet SSH backdoor. advisories | CVE-2016-1909 Change Mirror Download ### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule <...

Authored by Michal Sajdak, wvu, Qualys, Dariusz Tytko, kenkeiras | Site metasploit.com This Metasploit module uses a malformed packet or timing attack to enumerate users on an OpenSSH server. The...

Authored by BrianWGray | Site metasploit.com Eaton Power Xpert Meters running firmware below version 12.x.x.x or below version 13.3.x.x ship with a public/private key pair that facilitate remote administrative access...

Authored by Nicholas Starke | Site metasploit.com This Metasploit module exploits a default misconfiguration flaw on Apache Karaf versions 2.x-4.x. The karaf user has a known default password, which can...

Authored by H D Moore, h00die | Site metasploit.com This Metasploit module scans for the Juniper SSH backdoor (also valid on Telnet). Any username is required, and the password is...

Authored by Peter Winter-Smith, wvu | Site metasploit.com This Metasploit module exploits an authentication bypass in libssh server code where a USERAUTH_SUCCESS message is sent in place of the expected...