metasploit-gs

Author	SHA1	Message	Date
jheysel-r7	05f2012ccc	Merge pull request #20338 from Chocapikk/xorcom Add auxiliary and exploit modules for Xorcom CompletePBX 5.2.35 CVEs (2025-2292, 30004, 30005)	2025-07-22 08:19:36 -07:00
jheysel-r7	00c8c773a3	Merge pull request #20375 from Chocapikk/wp_photo_gallery_sqli WP Photo Gallery by 10Web Unauthenticated SQLi (CVE-2022-0169)	2025-07-18 16:37:14 -07:00
cgranleese-r7	adff497bd2	Updates msf5 as well	2025-07-17 11:51:29 +01:00
cgranleese-r7	469f102596	Updates docs to reflect new default prompt	2025-07-17 09:53:40 +01:00
Chocapikk	b06903810c	feat(xorcom): add shared CompletePBX mixin, refactor modules, update docs	2025-07-16 21:25:17 +02:00
Valentin Lobstein	eb81de6620	Update documentation/modules/auxiliary/scanner/http/xorcom_completepbx_diagnostics_file_read.md Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com>	2025-07-16 19:32:52 +02:00
jheysel-r7	914f874e12	Merge pull request #20216 from sjanusz-r7/add-graphql-aux-scanner-module Add GraphQL Auxiliary Scanner module	2025-07-15 10:39:44 -07:00
Chocapikk	622072bba4	WP Photo Gallery by 10Web Unauthenticated SQLi (CVE-2022-0169)	2025-07-10 13:22:19 +02:00
Brendan	36675ccd9a	Merge pull request #20349 from sfewer-r7/0day-cve-2024-51978 Add auxiliary module for multiple Brother devices authentication bypass (CVE-2024-51978)	2025-07-09 13:07:25 -05:00
sfewer-r7	34952d73f6	display the AuthCookie if one is received	2025-07-09 10:15:30 +01:00
sfewer-r7	a7e4b5601f	update the docs to use AUTO for the enum option	2025-07-01 15:06:44 +01:00
Chocapikk	2a008c83d1	Add auxiliary and exploit modules for Xorcom CompletePBX 5.2.35 CVEs (2025-2292, 30004, 30005, 30006)	2025-06-22 09:07:20 +02:00
sfewer-r7	83a03efa3b	aux module for CVE-2024-51978	2025-06-20 16:41:39 +01:00
msutovsky-r7	0f522220d4	Land #20072 , adds Maldoc in PDF fileformat module Add Maldoc in PDF polyglot fileformat module	2025-06-06 14:36:24 +02:00
Spencer McIntyre	a1e3a23eb4	Merge pull request #20262 from bwatters-r7/fix/vcenter_vmdir_gather Fix references to LDAP Datastore Options	2025-06-05 17:44:21 -04:00
Brendan	cc98ef58d4	Merge pull request #20140 from h4x-x0r/CVE-2023-2915 ThinManager Path Traversal Delete (CVE-2023-2915) Module	2025-06-05 10:08:42 -05:00
Spencer McIntyre	602212fe9c	Merge pull request #20282 from SweilemCodes/docs/Jenkins_enum Jenkins Enum Documentation Added	2025-06-05 10:50:39 -04:00
Spencer McIntyre	166db38e67	Add missing newlines to render the markdown properly	2025-06-05 10:49:47 -04:00
Brendan	312d052a5c	Merge pull request #20141 from h4x-x0r/CVE-2023-2917 ThinManager Path Traversal Upload (CVE-2023-2917) Module	2025-06-04 16:48:39 -05:00
Brendan	2a7f40dcc9	Merge pull request #20139 from h4x-x0r/CVE-2023-27856 ThinManager Path Traversal Download (CVE-2023-27856) Module	2025-06-04 14:03:21 -05:00
Brendan	10d443d5d9	Merge pull request #20138 from h4x-x0r/CVE-2023-27855 ThinManager Path Traversal Upload (CVE-2023-27855) Module	2025-06-04 12:41:34 -05:00
Theo Sweilem	ff78d179a3	Edited jenkins_enum Documentation	2025-06-03 23:36:13 -07:00
Theo Sweilem	ac4e574eea	Added jenkins_enum Documentation	2025-06-03 23:25:15 -07:00
Simon Janusz	d497156f84	Merge pull request #20258 from zeroSteiner/fix/issue/20251 Update the ldap options for shadow credentials	2025-06-03 17:45:18 +01:00
Simon Janusz	043f8cb6b4	Merge pull request #20260 from zeroSteiner/fix/issue/20252 Update the ldap/change_password module	2025-06-03 17:44:26 +01:00
Spencer McIntyre	3057f80a1b	Update the ldap options for shadow credentials	2025-06-03 12:29:04 -04:00
Mario	50ae65d59c	Update documentation/modules/auxiliary/scanner/discovery/udp_probe.md Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>	2025-05-31 17:13:29 +02:00
mariomontecatine	3efcc6322b	Add documentation for auxiliary/scanner/discovery/udp_probe	2025-05-30 06:23:54 -04:00
bwatters-r7	e36336669d	Update description in module and docs to reflect nre option name	2025-05-29 08:11:33 -05:00
bwatters-r7	b207a8848c	Fix references to LDAP Datastore Options	2025-05-28 12:02:01 -05:00
Diego Ledda	9b7e27e946	Merge pull request #20185 from Chocapikk/wp_depicter_sqli_cve_2025_2011 Add WP Depicter Plugin Unauth SQL Injection (CVE-2025-2011)	2025-05-28 18:38:52 +02:00
bwatters-r7	e282bbda99	Update datastore option names in module and docs	2025-05-28 09:23:36 -05:00
Spencer McIntyre	dae8c9b43a	Update the ldap/change_password module	2025-05-28 10:19:30 -04:00
sjanusz-r7	cdc51b41f6	Add GraphQL Introspection Scanner documentation	2025-05-27 17:24:35 +01:00
mariomontecatine	e7a2809ca0	Adding documentation for modules/auxiliary/scanner/http/copy_of_file.rb	2025-05-21 14:48:10 -04:00
Chocapikk	2820a0418f	Update code to use Wordpress::SQLi mixin ^^	2025-05-21 18:27:02 +02:00
Martin Sutovsky	282d0f7820	Refactor docs	2025-05-21 16:48:54 +02:00
Chocapikk	70d5fb4b65	Move from `scanner` to `gather`	2025-05-19 17:52:00 +02:00
mariomontecatine	8cde1bab78	Documentation for ipv6_multicast_ping.md	2025-05-18 04:31:03 -04:00
Spencer McIntyre	57c69049f7	Merge pull request #20175 from smashery/ruby-kerberoasting Ruby kerberoasting	2025-05-16 10:28:52 -04:00
msutovsky-r7	e3649b31fe	Land #20123 , adds module for path traversal and credential harvester in PowerCom UPSMON Pro POWERCOM UPSMON PRO Path Traversal (CVE-2022-38120) and Credential Harvester (CVE-2022-38121) Module	2025-05-15 07:23:07 +02:00
Chocapikk	1888abaa4d	Add WP Depicter Plugin Unauth SQL Injection (CVE-2025-2011)	2025-05-14 15:54:40 +02:00
Ashley Donaldson	806d0ec557	Kerberoasting documentation	2025-05-13 18:26:25 +10:00
Ashley Donaldson	6d3fc7b732	Neatening kerberoasting modifications	2025-05-13 18:26:25 +10:00
msutovsky-r7	8c647cd1ad	Land #20118 , changes target option for smb_to_ldap module Fix the smb_to_ldap module's missing target option	2025-05-12 09:56:06 +02:00
h4x-x0r	1cc0269edf	more versions tested	2025-05-07 18:05:57 +01:00
h4x-x0r	b5989070d0	path update	2025-05-07 18:05:04 +01:00
h4x-x0r	9ab2acc50f	updated	2025-05-07 18:03:58 +01:00
h4x-x0r	60668f3e26	CVE-2023-2917	2025-05-07 04:12:53 +01:00
h4x-x0r	8b94a560e7	Adjusted path	2025-05-07 03:53:36 +01:00

1 2 3 4 5 ...

2101 Commits