This Metasploit module will scan for hosts vulnerable to an unauthenticated SQL injection within the advanced search feature of the Web-Dorado ECommerce WD 1.2.5 and likely prior.
ce900f10acc1386276f00739f087918826cb2474bfdb669e0c939feac5f7524a
This Metasploit module exploits a flaw in the password reset mechanism in BMC TrackIt! 11.3 and possibly prior versions. If the password reset service is configured to use a domain administrator (which is the recommended configuration), then domain credentials can be reset (such as domain Administrator).
a7ccb5a05659f5e2d5a8a2656da3df1b76d134f385ed2af2ebd215f40f8e2be3
This Metasploit module attempts to exploit a UNION-based SQL injection in Contus Video Gallery for Wordpress version 2.7 and likely prior in order if the instance is vulnerable.
957f68f976c01e80a8d26d3b9259149bd83c775d713a80530d50ce5f9cb08c4c
This Metasploit module will scan given instances for an unauthenticated SQL injection within the CP Multi-View Calendar plugin v1.1.4 for Wordpress.
fa6f1e6bbb90332533f804d4e77a327f326adf3a7cc5346e615c88d7f2bcfa34
This Metasploit module will scan for Joomla! instances vulnerable to an unauthenticated SQL injection within the Gallery WD for Joomla! extension version 1.2.5 and likely prior.
0150883a44f0bd31af609cd1eac0e9f0f3ce4ae1bac35b3c8c25e31a2ac67c10
This Metasploit module exploits a SQL injection vulnerability in Joomla versions 3.2 through 3.4.4 in order to either enumerate usernames and password hashes.
eaae704ef831c9b61c537f52feac70b43d16b0f1530f7da0d1cbc1ab16b2435b
This Metasploit module will exploit a SQL injection in Zabbix 3.0.3 and likely prior in order to save the current usernames and password hashes from the database to a JSON file.
2ebbd2d691dd7508785002385cab0f09585ac3584018b08791e074e76431981a
This Metasploit module exploits a command injection flaw to create a shell script on the filesystem and execute it. If GestioIP is configured to use no authentication, no password is required to exploit the vulnerability. Otherwise, an authenticated user is required to exploit.
ff466c810472f8a9143ae99e56a4e7b6a912136e28c211e79853a3acf85c2641
This Metasploit module exploits a vulnerability in Tectia SSH server for Unix-based platforms. The bug is caused by a SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ request before password authentication, allowing any remote user to bypass the login routine, and then gain access as root.
a8cae2783ae383b985cfe414beea92207b93fca99d51ada21c788b6eff779ccc