This Metasploit module exploits a buffer overflow in the FTPShell client 6.70 (Enterprise edition) allowing remote code execution.
b8f01f84c845398fb04cba37588088d6bbc790b0fc0bdf524f55915dd6be6c52
If the /install/ directory was not removed, it is possible for an unauthenticated attacker to run the "install_4.php" script, which will create the configuration file for the installation. This allows the attacker to inject PHP code into the configuration file and execute it.
806d396b8f8393708196c84967f4c3db14adf4f64c443cf3f37029101e6385f9
This Metasploit module exploits a remote code execution vulnerability in Exodus Wallet. A vulnerability in the ElectronJS Framework protocol handler can be used to get arbitrary command execution if the user clicks on a specially crafted URL.
71dfdd11a543d029057c8944a5a65b07ea8d8305fc5534962c0d5f2e9e49b452
This Metasploit module exploits a stack-based buffer overflow vulnerability in Disk Savvy Enterprise version 10.4.18, caused by improper bounds checking of the request sent to the built-in server. This Metasploit module has been tested successfully on Windows 7 SP1 x86.
c4a63ea927eadbd15aa533b676da7de90e2feda0be34e3eccaea539cebab75b2
This Metasploit module exploits a stack-based buffer overflow vulnerability in the CloudMe Sync version 1.10.9 client application. This Metasploit module has been tested successfully on Windows 7 SP1 x86.
e772df2bb9bc2559a8e1ce1faef1106d0f6d2691866412f3c6f64ad143790589
Disk Pulse Enterprise version 10.4.18 suffers from an import command buffer overflow vulnerability.
e307de6489283b8b1af2c0fffeb4c6bc4cd2451976ad9a55965eb047eda2f56c
Disk Savvy Enterprise version 10.4.18 suffers from a buffer overflow vulnerability.
dd90908461a70ffb033221b05079a153d313a0f457e111ed680c67fc2c96cec1
This Metasploit module exploits a buffer overflow in Dup Scout Enterprise version 10.4.16 by using the import command option to import a specially crafted xml file.
9e66581c3952dd3cb70260f079d2681e43c224c9773b59e41966964f02086b66
This Metasploit module exploits a buffer overflow in Sync Breeze Enterprise 9.5.16 by using the import command option to import a specially crafted xml file.
ada5d696765b728572e1a595fac470a36fc9c4ab834fd1652c6a8cf1e8b799c1
This Metasploit module exploits a buffer overflow in the LabF nfsAxe 3.7 FTP Client allowing remote code execution.
241e34b13eab130be620a23f461dd59501c6111482d96e813435aadcb049ca4b
This Metasploit module exploits a stack-based buffer overflow vulnerability against Ayukov NFTPD FTP Client 2.0 and earlier. By responding with a long string of data for the SYST request, it is possible to cause a denial-of-service condition on the FTP client, or arbitrary remote code execution under the context of the user if successfully exploited.
e500bee98162a4112d002590455f02ce9655420dd5457db5a183759e204c9aca
This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of VX Search Enterprise v9.5.12, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested successfully on Windows 7 SP1 x86.
5199a2e5cc5662ac54e66b7146c5c6b94ee41102ab904bac8eb917c52c3801dc
This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of Sync Breeze Enterprise v9.4.28, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested successfully on Windows 7 SP1 x86.
5ff2902a3ec062393e0570fee4f1cc86ff341942ea0f0f52a2987780cddb68ec
This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of Dup Scout Enterprise v9.5.14, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested successfully on Windows 7 SP1 x86.
46f09d2f260a4c795547b4cce19e1ae4b6b57750101f9224839a951a9912fc72
This Metasploit module exploits a stack-based buffer overflow vulnerability in the web interface of Disk Sorter Enterprise version 9.5.12, caused by improper bounds checking of the request path in HTTP GET requests sent to the built-in web server. This Metasploit module has been tested successfully on Windows 7 SP1 x86.
866e21d79501ea487d559431b3368082a2de3dd683255e5247782c95b4d89bdd
Sync Breeze Enterprise version 9.5.16 SEH GET buffer overflow exploit.
bf368bde889dcf902b06ff92a9af6600b8ec55a5ba19e600159382f811b399a3
Sync Breeze Enterprise version 9.5.16 suffers from an import command buffer overflow vulnerability.
92904136e8d75735d3fca251e7d6585a845b1133240bfbaf44518eb4a65108b7
Disk Sorter Enterprise version 9.5.12 GET buffer overflow SEH exploit.
9bcbe319bc61fad1c46803139c12a81d49aef3ac226ad042a33e2cd8d25b179c
Various routers such as the AirLive ARM-204, AirLive WT-2000ARM, D-Link DVA-G3170i/PT, Edimax AR-7084ga, Huawei, Aolynk DR814Q, DrayTek Vigor2700 series, DrayTek Vigor2920 series, Thomson TG784, and ZyXEL P-660RU-T1v3 re-embed the password in a hidden field of the web management interface.
c834792f6018eb0bbf413092b9ac178bde5b3dfba17992207e84bbb00f34d14c