227 Commits

Author SHA1 Message Date
Martin Sutovsky 0b2e4bc337 Adds module for CVE-2021-25094 2025-06-11 19:03:00 +02:00
Spencer McIntyre 0a280ae800 Merge pull request #19996 from hantwister/patch-1
Detect the CxUIUSvcChannel named pipe
2025-06-05 11:56:50 -04:00
Chocapikk 1888abaa4d Add WP Depicter Plugin Unauth SQL Injection (CVE-2025-2011) 2025-05-14 15:54:40 +02:00
Chocapikk e335841bb0 Add Unauthenticated privesc for WP User Registration & Membership plugin (CVE-2025-2563) 2025-05-13 21:42:09 +02:00
Chocapikk 4d0c7bb71a Add WP SureTriggers ≤1.0.78 admin-creation & RCE module (CVE-2025-3102) 2025-05-07 17:45:30 +02:00
Harrison Neal 28c0992e77 CVE-2024-9157 detection 2025-04-01 11:32:32 -04:00
h00die cf7d2584ba update wp themes+plugins 2024-12-29 17:31:55 -05:00
h00die 87494a0958 update modules for inclusion into wordpress updater 2024-12-29 17:25:12 -05:00
h00die 03ddb8990e sort alphabetically 2024-12-29 15:57:23 -05:00
Chocapikk 7d559e0b34 Add exploit module for CVE-2024-8856 - WP Time Capsule RCE 2024-12-11 01:14:17 +01:00
Aaryan Golatkar ef1b38654b Added perfect-survey to data/wordlists/wp-exploitable-plugins.txt 2024-12-10 18:59:20 +05:30
Chocapikk a123234141 Add CVE-2024-10924 2024-12-05 16:19:09 +01:00
jheysel-r7 c4b7954f15 Land #19596, Wordpress Plugin Post SMTP Account Takeover 2024-11-29 09:05:03 -08:00
h00die 9da5177d11 remove old code 2024-10-29 16:44:48 -04:00
jheysel-r7 87af327507 Merge branch 'master' into wp_ultimate_member_sorting_sqli 2024-10-29 16:34:10 -04:00
bcoles e50767bb6f data/wordlists: Add default passwords for common single-board computers 2024-10-19 00:49:14 +11:00
Chocapikk 668424a444 Add unauth SQLi exploit module for Ultimate Member plugin (CVE-2024-1071) 2024-10-14 18:14:10 +02:00
Chocapikk 8553f625a4 Add auxiliary/scanner/http/wp_fastest_cache_sqli 2024-10-14 18:03:46 +02:00
Chocapikk bc7840ea7f Add wp_givewp_rce exploit module 2024-08-27 19:50:35 +02:00
Chocapikk bea708d24c Add exploit module for CVE-2024-5084: WordPress Hash Form Plugin RCE 2024-05-28 18:27:02 +02:00
Jack Heysel abb2eb7ffd Land #18891, Add RCE module for wp bricks builder
This PR adds the wp_bricks_builder_rce exploit module that targets a
known vulnerability in the WordPress Bricks Builder Theme, versions
prior to 1.9.6.
2024-03-26 14:46:35 -07:00
Balgogan f04b66d6dd Add wp_bricks_builder_rce 2024-02-26 22:09:38 +01:00
randomstr1ng 564c3f8e02 merge sap_icm_paths.txt with seclists sap.txt wordlist and add paths related to potential information leak 2024-02-15 16:03:31 +01:00
Jack Heysel c895364675 Initial commit, files created 2023-12-18 19:26:14 -05:00
Balgogan 65ea1188e2 Add suggested changes 2023-11-23 18:22:36 +01:00
h00die 94657d317b another round of review comments 2023-09-11 14:29:20 -04:00
h00die-gr3y a3daab88e6 Added documentation and updated exploitable plugins list 2023-07-25 14:06:42 +01:00
h00die 375a315b3d woocommerce payments auth bypass 2023-07-04 13:05:07 -04:00
Tod Beardsley de58b96d2a Add "a good example" of a LastPass password
When setting a new master password, LastPass helpfully suggests "r50$K28vaIFiYxaY" as a good example.

Sure, sounds good to me.
2023-03-07 13:32:50 -06:00
h00die 1888264d4d wordpress paid membership pro 2023-01-14 08:34:10 -05:00
Grant Willcox 1fec75621c Fix up documentation from review 2022-12-05 14:04:22 -06:00
h00die 4c958546b5 update wordpress plugins and themes lists 2022-11-11 10:37:26 -05:00
adfoster-r7 6a682f4fe6 Land #16982, Update Dell iDRAC login scanner to work with v8 and v9 2022-10-14 01:40:35 +01:00
h00die c6e18ee469 cve-2022-1329 2022-10-02 15:59:58 -04:00
h00die 0bcdc3fadb idrac login updates 2022-09-20 16:20:24 -04:00
space-r7 7a9d30e5b1 Land #16227, add wp masterstudy privesc module 2022-03-07 10:58:23 -06:00
space-r7 0d10409d67 Land #16131, add modern events calendar sqli 2022-02-28 12:27:45 -06:00
h00die 9799d87ec9 update exploitable plugins 2022-02-25 17:00:34 -05:00
h00die 864ce9471f wp_secure_copy sqli 2022-02-13 15:04:17 -05:00
h00die 5f45e40192 update wp-exploitable-plugins 2022-02-03 17:37:27 -05:00
h00die 4e0fc5a4e5 Wordpress Plugin Catch Themes Demo Import cve-2021-39352 2021-12-21 20:04:09 -05:00
bwatters 6727c1b344 Land #15954, Add Grafana file read (CVE-2021-43798)
Merge branch 'land-15954' into upstream-master
2021-12-20 09:54:15 -06:00
bwatters 2705d6ae94 Land #15948, Wordpress wp_popular_posts rce
Merge branch 'land-15948' into upstream-master
2021-12-20 09:28:23 -06:00
h00die cb348f06c4 move grafana plugins out to data 2021-12-19 16:18:05 -05:00
Grant Willcox 304648ea2e Land #15953, wps_hide_login module CVE-2021-24917 2021-12-15 17:13:29 -06:00
Cristiano Maruti 0305983be2 Update tomcat_mgr_default_users.txt 2021-12-14 09:25:52 +01:00
Cristiano Maruti d1fb2a7bde Update tomcat_mgr_default_pass.txt 2021-12-14 09:25:00 +01:00
h00die 6c10ad460c wps_hide_login module 2021-12-11 14:25:07 -05:00
Cristiano Maruti 0a4e2b7c90 Update tomcat_mgr_default_pass.txt 2021-12-09 21:21:19 +01:00
Cristiano Maruti 8709b92966 Update tomcat_mgr_default_users.txt 2021-12-09 21:19:39 +01:00