This Metasploit module exploits a Perl code injection on NETGEAR ReadyNAS 4.2.23 and 4.1.11. The vulnerability exists on the web fronted, specifically on the np_handler.pl component, due to the insecure usage of the eval() perl function. This Metasploit module has been tested successfully on a NETGEAR ReadyNAS 4.2.23 Firmware emulated environment, not on real hardware.
bde67c6d5bd2eaadf289392fe66c898b1b40583f113cc479740f75c0912c0b93
Pirelli Discus DRG A125g suffers from a remote SSID changing vulnerability.
2b1f91be8747fd519dafa4451cffde3fb3465914cd7c91ec96a5c22286dcfcec
Pirelli Discus DRG A125g suffers from a remote wifi password change vulnerability.
0844fc4064b35b2b1fca0daf8ee6e09c155f3fa44819becc99422a59b86589f0
Tapuz Flix suffers from a video password bypass vulnerability.
20f632be7ad02a0dcebd94c26baecb40dccfdf5a54d98a77fd3ae541fbfd3644
LimeSurvey 2.00+ build 131107 suffers from cross site scripting and remote SQL injection vulnerabilities.
5c44ba55fe8e63eb71a478dcca53f2b4e82fdae8fea63259254d0ae14c55a594
Pirelli Discus DRG A125g suffers from a local password disclosure vulnerability.
d3a434fc5af641e203162cf1a2bd32c1dacc470434958a1a05827b049654a80b
TPLINK WR740N / WR740ND suffers from multiple cross site request forgery vulnerabilities.
6ed034621950641cdd64908b842248f86ceb3c3fa4144f7f1cd978a254f5ded8
WordPress theme Blogfolio suffers from a remote shell upload vulnerability.
0c931b3b4993f2838eaf828fbf9b4fe893139876712f077dd94574885dc101c4
ALLPlayer version 5.7 SEH buffer overflow exploit that creates a malicious .m3u file.
956599215ecbbfa2d6597c88faed6b8c3bc28f969998c56686fa6b974b775466
WordPress theme Bloggie suffers from a remote shell upload vulnerability.
9e56d3a6d2f7e53ee6e95cdd4c9a9d8f386cd69a697aa96a6c1a05761ade261a
WordPress Pinboard suffers from a remote shell upload vulnerability.
099f63df83a417a755432983b9923ea99557a79c5c8b65082a3fe95ca760688e
Light Alloy version 4.7.3 SEH buffer overflow exploit that creates a malicious .m3u file.
3fb9896552d2c89d79f676bb7254780421056f217c34a68ca57229cb3cd5a049
WordPress theme Folo suffers from a remote shell upload vulnerability.
91f9ad50e4e2c5de198ab7a2a2a6b866ccb712bc3e91a2bda02b2c435d5372b7
WordPress theme Elemin suffers from a remote shell upload vulnerability.
2644b514d6f774fe722500a6ca3efe5fdc67c5b7d29fa786e3782f101c471c1f
This Metasploit module exploits an arbitrary file upload vulnerability in DesktopCentral 8.0.0 below build 80293. A malicious user can upload a JSP file into the web root without authentication, leading to arbitrary code execution.
a58c7e48a0560ea998d7234b701c9f96d4b2b76ae74d19faf4f38e4420896922
Facebook suffers from a private friend list disclosure vulnerability via the People You May Know functionality.
d030133808977a7f18f69a66e094c58123568c276c0c6c0b10cd9d391b0dd11f
vBulletin vBSEO plugin versions 3.2.0 and 3.6.0 suffer from a cross site scripting vulnerability.
27f00a8a77a7b71b23dd09a034cd72b1107c5ccb58c14b597b811c78a98ad496
Ruckus Wireless Zoneflex 2942 wireless access point suffers from an authentication bypass vulnerability.
a11949340cd5c013d3ac7d14a6262d36bf5f0d3c62b518117024442c4f69a79e
WordPress Pretty Photo plugin suffers from a cross site scripting vulnerability.
ad0e6a2ec0cba32a53f8cd31ffa972175ab2ab31289e66a75ebdb86aeda53924
WordPress Suco theme suffers from a remote shell upload vulnerability.
b2e22a3f07d33f211c40421e70052bfe57231643ebd7db5e5c627b99e766b408
The Ajaxfs plugin for MyBB suffers from a remote SQL injection vulnerability.
8950d4b0acad0918db3ab2e365b1a9f3e0a43c03cb81d3790c651398da582ec2
PayPal suffered from a cross site scripting vulnerability in the unclaimed payments section.
137ed7ccd1590151dbda2a2bb74488f1f80545601084dd20028e4bc960eacdd6
WordPress iThemes2 theme suffers from a remote shell upload vulnerability.
3c8e828548de930258ea049c0dae805645ae3dbb203c5a025c444e419760cbeb
Kartoo Search Engine suffers from information disclosure, cross site scripting, and remote file inclusion vulnerabilities.
ac0a06fa419a184ad1babb025e7077989ed37dedb335c4eb2588feb10cb78804
PineApp MailSecure suffers from remote command execution and privilege escalation vulnerabilities. Versions 5099SK and below are affected.
f4720369e3191a3088b42b913c93f939cec3f14bb0c79018eb4ffca7f1760e74