adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
78,625 Commits 27 Branches 1,043 Tags
0aed5fcfbc508baabdda3dfdf8684ea5aba6f167
Commit Graph

832 Commits

Author SHA1 Message Date
jheysel-r7 7972017936 Merge pull request #20397 from vognik/CVE-2025-34300 
Add Lighthouse Studio unauthenticated RCE (CVE-2025-34300)
 2025-09-08 16:48:29 -07:00
jheysel-r7 0e325e6217 Update documentation/modules/exploit/multi/http/lighthouse_studio_unauth_rce_CVE_2025_34300.md 2025-09-08 16:29:00 -07:00
Maksim Rogov 16b3a352e8 Apply suggestion from @msutovsky-r7 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-08-25 10:49:49 +03:00
Maksim Rogov 51ca11a9d4 Apply suggestion from @msutovsky-r7 
Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>
 2025-08-24 18:14:28 +03:00
Vognik 7317922be8 Added Documentation 2025-08-24 07:46:59 +04:00
Vognik b13f59128c Added Setup Guide for Windows 2025-08-18 08:20:32 +04:00
Maksim Rogov 9696cc57db Merge branch 'rapid7:master' into CVE-2025-34300 2025-07-25 11:02:03 +04:00
Maksim Rogov 6e5d474b21 Apply suggestion from @jheysel-r7 in Docs 
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>
 2025-07-24 06:23:01 +03:00
Vognik 38b0bd15e1 Code Review Edits 2025-07-24 07:19:25 +04:00
Vognik 75e1158457 Fixed docs formatting 2025-07-21 03:16:40 +04:00
Vognik e7667d406a Add Lighthouse Studio unauthenticated RCE (CVE-2025-34300) 2025-07-20 15:23:38 +04:00
cgranleese-r7 adff497bd2 Updates msf5 as well 2025-07-17 11:51:29 +01:00
cgranleese-r7 469f102596 Updates docs to reflect new default prompt 2025-07-17 09:53:40 +01:00
Valentin Lobstein b9ee9ba88c Update wingftp_null_byte_rce.md 2025-07-03 19:43:06 +02:00
Valentin Lobstein ef3ddec3dd Update documentation/modules/exploit/multi/http/wingftp_null_byte_rce.md 
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com>
 2025-07-03 19:41:34 +02:00
Chocapikk 5b268bd4b4 Fix documentation and typos 2025-07-01 22:50:01 +02:00
Chocapikk 1a4a15e83b Add WingFTP unauthenticated RCE (CVE-2025-47812) 2025-07-01 19:15:15 +02:00
Diego Ledda 6d843385ec Merge pull request #20301 from msutovsky-r7/exploit/cve-2021-25094 
Adds module for Tatsu WP plugin (CVE-2021-25094)
 2025-06-25 10:58:22 +02:00
Diego Ledda afdad8ed4c chore(wp_tatsu_rce): msftidy_docs fix 2025-06-25 10:16:49 +02:00
msutovsky-r7 a67c883e0c Removes unnecessary header 
Co-authored-by: Diego Ledda <diego_ledda@rapid7.com>
 2025-06-24 15:48:38 +02:00
Diego Ledda c0dfbf43f2 Merge pull request #20235 from Chocapikk/vbulletin_replace_ad_template_rce 
vBulletin replaceAdTemplate Remote Code Execution
 2025-06-19 14:20:16 +02:00
Martin Sutovsky 4fe750a946 Removing redundant comment 2025-06-13 10:33:58 +02:00
Martin Sutovsky 3abe9b46c0 Addressing comments 2025-06-13 10:32:39 +02:00
Martin Sutovsky 0b2e4bc337 Adds module for CVE-2021-25094 2025-06-11 19:03:00 +02:00
Maksim Rogov ed643c3bc6 Update roundcube_auth_rce_cve_2025_49113.md 2025-06-09 18:42:52 +03:00
Maksim Rogov d97b09a898 Rename roundcube_unauth_rce_cve_2025_49113.md to roundcube_auth_rce_cve_2025_49113.md 2025-06-07 16:46:30 +03:00
Maksim Rogov bd811a3cd1 Update roundcube_unauth_rce_cve_2025_49113.md 2025-06-07 04:45:54 +03:00
Vognik a4638ad632 Update Documentation 2025-06-07 05:35:18 +04:00
Vognik 96d7929972 Add Documentation for Roundcube CVE-2025-49113 unauthenticated RCE module 2025-06-07 05:28:45 +04:00
Brendan 19e8e6cdf8 Merge pull request #20187 from Chocapikk/wp_ottokit 
Add CVE-2025-27007 in existing `exploit(multi/http/wp_suretriggers_auth_bypass)` module
 2025-06-05 11:03:00 -05:00
remmons-r7 97f308386b Update documentation/modules/exploit/multi/http/ivanti_epmm_rce_cve_2025_4427_4428.md 
Update docs to reflect the new Python payload approach

Co-authored-by: Brendan <bwatters@rapid7.com>
 2025-06-04 08:30:11 -05:00
Chocapikk 33439fccb3 Add verbosity, update doc 2025-05-29 16:30:41 +02:00
remmons-r7 68929a50fa Add ivanti_epmm_rce_cve_2025_4427_4428.md 
Documentation for ivanti_epmm_rce_cve_2025_4427_4428.
 2025-05-28 17:35:34 -05:00
Chocapikk 387a39d0a9 Update doc, module 2025-05-25 20:13:36 +02:00
Chocapikk 64b9254b3d Remove useless command in Dockefile 2025-05-23 23:59:06 +02:00
Valentin Lobstein e6aa8a3125 Update documentation/modules/exploit/multi/http/vbulletin_replace_ad_template_rce.md 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2025-05-23 23:56:37 +02:00
Valentin Lobstein df44d63ac3 Update documentation/modules/exploit/multi/http/vbulletin_replace_ad_template_rce.md 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2025-05-23 23:56:18 +02:00
Valentin Lobstein f5e33ef290 Update documentation/modules/exploit/multi/http/vbulletin_replace_ad_template_rce.md 
Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>
 2025-05-23 23:55:55 +02:00
Chocapikk 1f6dd34f93 vBulletin replaceAdTemplate Remote Code Execution 2025-05-23 23:17:02 +02:00
Chocapikk 2e158d2d1a Fix User-Agent issue 2025-05-22 23:47:20 +02:00
Chocapikk 38b7cfd753 Refactor 2025-05-21 19:46:47 +02:00
jheysel-r7 ca40f6ecbc Merge pull request #20214 from Chocapikk/invision_customcss_rce 
Add Invision Community 5.0.6 customCss RCE (CVE-2025-47916)
 2025-05-21 09:29:14 -07:00
jheysel-r7 0600de2d90 Merge pull request #20177 from msutovsky-r7/clinic_management_system_sqli2rce 
Clinic Patient's Management System SQLi (CVE-2025-3096)
 2025-05-21 08:42:16 -07:00
Valentin Lobstein e5bbc01e78 Update invision_customcss_rce.md 2025-05-21 08:38:36 +02:00
Chocapikk 28b7c7f786 Add Invision Community 5.0.6 customCss RCE (CVE-2025-47916) 2025-05-20 18:33:06 +02:00
Martin Sutovsky 070bd54d33 Addressing comments 2025-05-19 07:17:14 +02:00
Chocapikk 75a3fa7ad7 Add CVE-2025-27007 in existing exploit(multi/http/wp_suretriggers_auth_bypass) module 2025-05-14 19:29:03 +02:00
msutovsky-r7 fe5f56cac0 Land #20159, adds module for privilege escalation in Wordpress (CVE-2025-2563) 
Add Unauthenticated privesc for WP User Registration & Membership plugin (CVE-2025-2563)
 2025-05-14 15:33:30 +02:00
msutovsky-r7 7d8d0230cb Land #20026, adds module for CVE-2024-57487 
New Exploit Module & Documentation for CVE-2024-57487
 2025-05-14 08:00:20 +02:00
Chocapikk e335841bb0 Add Unauthenticated privesc for WP User Registration & Membership plugin (CVE-2025-2563) 2025-05-13 21:42:09 +02:00