This module exploits a remote command execution vulnerability in Apache Struts version between 2.3.20 and 2.3.28 (except 2.3.20.2 and 2.3.24.2). Remote Code Execution can be performed when using REST Plugin with ! operator when Dynamic Method Invocation is enabled.
The OpenBASE Alpha 0.6 portal is vulnerable to remote file inclusion. By manipulating the 'root_prefix' parameter in various PHP files, an attacker can execute arbitrary remote files on the server.
The vBulletin Google Site Map Creator script is vulnerable to remote file inclusion. This vulnerability allows an attacker to include and execute arbitrary files from remote servers, potentially leading to remote code execution.
The exploit allows an attacker to write NULL bytes below the &line[0] by supplying negative lengths, leading to a buffer overflow. This can be exploited to execute arbitrary code on the target system.
The Notilus software is vulnerable to SQL injection attacks, specifically in the password modification fields.
This exploit allows an attacker to overwrite WP options in the Newspaper WP Theme.
This exploit allows an attacker to overwrite any theme settings in the Bridge - Creative Multi-Purpose WordPress Theme. It is a stored cross-site scripting (XSS) vulnerability.
This exploit allows an attacker to retrieve the admin username and hash from My Little Forum <= 1.7. The vulnerability is present in the user.php file, where the 'id' parameter is not properly sanitized before being used in a SQL query. By injecting a UNION SELECT statement, the attacker can retrieve the desired information.
This exploit allows an attacker to perform SQL injection or remote code execution on a vulnerable gCards version 1.46.
This module exploits a well known remote code execution exploit after establishing encrypted control communications with a Data Protector agent. This allows exploitation of Data Protector agents that have been configured to only use encrypted control communications. This exploit works by executing the payload with Microsoft PowerShell so will only work against Windows Vista or newer. Tested against Data Protector 9.0 installed on Windows Server 2008 R2.
Services By CQR