05f2012ccc
Merge pull request #20338 from Chocapikk/xorcom
...
Add auxiliary and exploit modules for Xorcom CompletePBX 5.2.35 CVEs (2025-2292, 30004, 30005)
2025-07-22 08:19:36 -07:00
00c8c773a3
Merge pull request #20375 from Chocapikk/wp_photo_gallery_sqli
...
WP Photo Gallery by 10Web Unauthenticated SQLi (CVE-2022-0169)
2025-07-18 16:37:14 -07:00
8fe815da6f
Merge pull request #20394 from cgranleese-r7/update-docs-to-reflect-new-default-prompt
...
Updates docs to reflect new default prompt
2025-07-17 12:53:02 +01:00
adff497bd2
Updates msf5 as well
2025-07-17 11:51:29 +01:00
18d61d3763
Merge pull request #20356 from msutovsky-r7/exploit/pandorafms_netflow_rce
...
Add module for authenticated PandoraFMS command injection (CVE-2025-5306)
2025-07-17 11:58:54 +02:00
ca9535e39a
Update pandora_fms_auth_netflow_rce.md
2025-07-17 11:29:07 +02:00
469f102596
Updates docs to reflect new default prompt
2025-07-17 09:53:40 +01:00
b06903810c
feat(xorcom): add shared CompletePBX mixin, refactor modules, update docs
2025-07-16 21:25:17 +02:00
eb81de6620
Update documentation/modules/auxiliary/scanner/http/xorcom_completepbx_diagnostics_file_read.md
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2025-07-16 19:32:52 +02:00
f773e3aef9
Updates docs
2025-07-16 12:25:28 +02:00
914f874e12
Merge pull request #20216 from sjanusz-r7/add-graphql-aux-scanner-module
...
Add GraphQL Auxiliary Scanner module
2025-07-15 10:39:44 -07:00
622072bba4
WP Photo Gallery by 10Web Unauthenticated SQLi (CVE-2022-0169)
2025-07-10 13:22:19 +02:00
36675ccd9a
Merge pull request #20349 from sfewer-r7/0day-cve-2024-51978
...
Add auxiliary module for multiple Brother devices authentication bypass (CVE-2024-51978)
2025-07-09 13:07:25 -05:00
34952d73f6
display the AuthCookie if one is received
2025-07-09 10:15:30 +01:00
ffdfa07954
Land #20354 , adds module for ISPConfig code injection (CVE-2023-46818)
...
Add module for ISPConfig Code Injection (CVE-2023-46818)
2025-07-09 07:47:56 +02:00
ffa2152a6a
Updates docs
2025-07-07 11:56:53 +02:00
b9ee9ba88c
Update wingftp_null_byte_rce.md
2025-07-03 19:43:06 +02:00
ef3ddec3dd
Update documentation/modules/exploit/multi/http/wingftp_null_byte_rce.md
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2025-07-03 19:41:34 +02:00
5b268bd4b4
Fix documentation and typos
2025-07-01 22:50:01 +02:00
1a4a15e83b
Add WingFTP unauthenticated RCE (CVE-2025-47812)
2025-07-01 19:15:15 +02:00
a7e4b5601f
update the docs to use AUTO for the enum option
2025-07-01 15:06:44 +01:00
5c8d918e3d
Fixes documentation
2025-06-28 17:07:44 +02:00
840ae0f317
resolved: issues
2025-06-27 19:42:35 +05:30
a7b038b822
Merge pull request #20341 from msutovsky-r7/exploit/skyvern_ssti_rce
...
Adds module for Skyvern SSTI (CVE-2025-49619)
2025-06-27 14:14:40 +02:00
37e8780a6b
Code refactor, docs
2025-06-27 10:26:31 +02:00
7b845fa3df
Fixed documentation issues
2025-06-26 12:08:51 +02:00
240bc828f1
Removing header
2025-06-26 12:08:51 +02:00
d787444137
Add exploit module for ISPConfig language_edit.php PHP Code Injection (CVE-2023-46818)
...
- Adds modules/exploits/linux/http/ispconfig_lang_edit_php_code_injection.rb
- Adds documentation for the module in documentation/modules/exploit/linux/http/ispconfig_lang_edit_php_code_injection.md
- Module targets ISPConfig < 3.2.11p1 with admin_allow_langedit enabled
- References and implementation based on PoC and advisories at https://github.com/SyFi/CVE-2023-46818
2025-06-25 22:27:52 +05:30
fdc78b40bb
Add more clear installation steps
...
Co-authored-by: Diego Ledda <diego_ledda@rapid7.com >
2025-06-25 15:17:58 +02:00
fde78bf73f
Land #20324 , adds exploit for UNC path in .url files (CVE-2025-33053)
...
Adds exploit module for Internet Shortcut UNC path vulnerability (CVE-2025-33053)
2025-06-25 11:23:23 +02:00
6d843385ec
Merge pull request #20301 from msutovsky-r7/exploit/cve-2021-25094
...
Adds module for Tatsu WP plugin (CVE-2021-25094)
2025-06-25 10:58:22 +02:00
afdad8ed4c
chore(wp_tatsu_rce): msftidy_docs fix
2025-06-25 10:16:49 +02:00
13cd2d2e51
Minor code changes, updates documentation
2025-06-24 16:22:42 +02:00
a67c883e0c
Removes unnecessary header
...
Co-authored-by: Diego Ledda <diego_ledda@rapid7.com >
2025-06-24 15:48:38 +02:00
be8864fe84
Merge pull request #20339 from bcoles/exploit-windows-fileformat-ms_visual_basic_vbp
...
exploit/windows/fileformat/ms_visual_basic_vbp: Add offsets, cleanup, document
2025-06-23 10:41:14 +01:00
ca142599e8
Module init
2025-06-23 10:27:27 +02:00
e1dec29ef9
exploit/windows/browser/ms08_070_visual_studio_msmask: Cleanup and add documentation
2025-06-23 00:38:44 +10:00
c0baf1888b
exploit/windows/fileformat/ms_visual_basic_vbp: Add offsets, cleanup, document
2025-06-23 00:11:54 +10:00
2a008c83d1
Add auxiliary and exploit modules for Xorcom CompletePBX 5.2.35 CVEs (2025-2292, 30004, 30005, 30006)
2025-06-22 09:07:20 +02:00
83a03efa3b
aux module for CVE-2024-51978
2025-06-20 16:41:39 +01:00
c0dfbf43f2
Merge pull request #20235 from Chocapikk/vbulletin_replace_ad_template_rce
...
vBulletin replaceAdTemplate Remote Code Execution
2025-06-19 14:20:16 +02:00
ec5ba0bd0d
Final code for CVE-2025-33053 exploit module
2025-06-17 23:03:36 -04:00
20b8a9fcd3
Add some features and fix bugs for CVE-2025-33053 exploit module
2025-06-17 22:59:34 -04:00
20629fe6b8
Add some features and fix all errors for CVE-2025-33053 exploit module
2025-06-17 02:49:10 -04:00
540d18126d
Add some features and delete old files for CVE-2025-33053 exploit module
2025-06-17 01:11:16 -04:00
f81ddf82f1
Add some features for CVE-2025-33053 exploit module
2025-06-17 01:00:35 -04:00
98389f2889
Add module documentation for CVE-2025-33053 URL generator
2025-06-13 20:35:38 -04:00
4fe750a946
Removing redundant comment
2025-06-13 10:33:58 +02:00
3abe9b46c0
Addressing comments
2025-06-13 10:32:39 +02:00
0b2e4bc337
Adds module for CVE-2021-25094
2025-06-11 19:03:00 +02:00
jheysel-r7