05f2012ccc
Merge pull request #20338 from Chocapikk/xorcom
...
Add auxiliary and exploit modules for Xorcom CompletePBX 5.2.35 CVEs (2025-2292, 30004, 30005)
2025-07-22 08:19:36 -07:00
adff497bd2
Updates msf5 as well
2025-07-17 11:51:29 +01:00
469f102596
Updates docs to reflect new default prompt
2025-07-17 09:53:40 +01:00
b06903810c
feat(xorcom): add shared CompletePBX mixin, refactor modules, update docs
2025-07-16 21:25:17 +02:00
eb81de6620
Update documentation/modules/auxiliary/scanner/http/xorcom_completepbx_diagnostics_file_read.md
...
Co-authored-by: jheysel-r7 <Jack_Heysel@rapid7.com >
2025-07-16 19:32:52 +02:00
914f874e12
Merge pull request #20216 from sjanusz-r7/add-graphql-aux-scanner-module
...
Add GraphQL Auxiliary Scanner module
2025-07-15 10:39:44 -07:00
2a008c83d1
Add auxiliary and exploit modules for Xorcom CompletePBX 5.2.35 CVEs (2025-2292, 30004, 30005, 30006)
2025-06-22 09:07:20 +02:00
166db38e67
Add missing newlines to render the markdown properly
2025-06-05 10:49:47 -04:00
ff78d179a3
Edited jenkins_enum Documentation
2025-06-03 23:36:13 -07:00
ac4e574eea
Added jenkins_enum Documentation
2025-06-03 23:25:15 -07:00
cdc51b41f6
Add GraphQL Introspection Scanner documentation
2025-05-27 17:24:35 +01:00
e7a2809ca0
Adding documentation for modules/auxiliary/scanner/http/copy_of_file.rb
2025-05-21 14:48:10 -04:00
9808172c9e
Address OPNSense login scanner PR feedback
2025-04-04 15:58:40 +01:00
2b0d9b4971
Add OPNSense Login Scanner module
2025-03-31 14:57:44 +01:00
b5ef4cdd6f
Add pfSense login scanner docs
2025-03-28 11:35:56 +00:00
f046e70b76
Land #19894 , SimpleHelp Path Traversal CVE-2024-57727
...
Land #19894 , SimpleHelp Path Traversal CVE-2024-57727
2025-02-25 12:00:34 +01:00
e4ee651c9b
Updated docs, fixed Notes
2025-02-24 10:26:01 -08:00
fae3d8390a
Calling check method fix & Additional documentation
2025-02-24 15:52:00 +01:00
fc25e177fc
SimpleHelp Path Traversal CVE-2024-57727
2025-02-21 08:15:46 -08:00
f132b8ffe1
Update documentation/modules/auxiliary/scanner/http/netalertx_file_read.md
...
Co-authored-by: Takahiro Yokoyama <tkhr.y0k0yama@gmail.com >
2025-02-18 13:44:26 +01:00
00d4feb2b5
Adding documentation, file renaming
2025-02-14 14:43:43 +01:00
095bd946f4
docs: updated docs
2024-12-10 15:35:16 +01:00
500df59156
Changed plaintext to sh for better looking output
2024-12-06 12:44:50 +05:30
547bc96603
Modified the output in the document
2024-12-06 12:43:20 +05:30
f426dc6c20
msftidy_docs Fixes
2024-12-06 12:02:18 +05:30
897dfcd328
Added documentation of the auxiliary module
2024-12-06 11:57:04 +05:30
219981227d
Update documentation/modules/auxiliary/scanner/http/strapi_3_password_reset.md
...
Co-authored-by: adfoster-r7 <60357436+adfoster-r7@users.noreply.github.com >
2024-11-16 15:36:00 -05:00
6629d5dff2
strapi password reset
2024-11-15 15:12:34 -05:00
2e8892cb01
Land #19517 , Add WooCommerce SQLi module
...
This adds a new auxiliary module that exploits an unauthenticated SQL injection vulnerability in the TI WooCommerce Wishlist plugin for WordPress (versions <= 2.8.2). The vulnerability allows attackers to execute SQL queries via the order parameter which can be used to dump usernames and their hashed passwords.
2024-10-31 12:09:55 -04:00
87af327507
Merge branch 'master' into wp_ultimate_member_sorting_sqli
2024-10-29 16:34:10 -04:00
7ccb2991f6
Improve nonce detection, fix bug
2024-10-29 19:41:47 +01:00
e85ee0271d
Land #19482 , LearnPress SQLi module (CVE-2024-8522, CVE-2024-8529)
2024-10-17 11:13:49 +02:00
145a23625d
Add LearnPress SQLi module (CVE-2024-8522, CVE-2024-8529)
2024-10-14 18:15:01 +02:00
668424a444
Add unauth SQLi exploit module for Ultimate Member plugin (CVE-2024-1071)
2024-10-14 18:14:10 +02:00
95e64a0a3b
Add module for TI WooCommerce Wishlist SQL Injection (CVE-2024-43917)
2024-10-14 18:11:41 +02:00
8553f625a4
Add auxiliary/scanner/http/wp_fastest_cache_sqli
2024-10-14 18:03:46 +02:00
f62f5b2c9c
Add working documentation
2024-09-18 16:30:07 +02:00
550a376210
Add suggestions + documentation
2024-09-11 21:17:44 +02:00
38b9278f42
Add document
2024-08-12 09:21:18 +09:00
d4696c0487
Document the auth bypass module
2024-06-06 15:48:25 -04:00
df47814029
Land #18454 , add AppleTV and Axis Login Doc files.
2023-10-30 16:38:14 -04:00
1dc4e35134
Fix typos and log vulnerable servers
...
Log servers that are vulnerable but don't leak any cookies
2023-10-27 11:47:01 -04:00
94ede61a99
Add module docs
2023-10-26 09:52:59 -04:00
83e5b7a103
Update documentation/modules/auxiliary/scanner/http/appletv_login.md
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-10-19 17:22:18 -04:00
8192d204b7
Update documentation/modules/auxiliary/scanner/http/appletv_login.md
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-10-19 17:22:08 -04:00
ea4bc95e7b
Update documentation/modules/auxiliary/scanner/http/appletv_login.md
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-10-19 17:22:02 -04:00
d2a3e2f5f2
Update documentation/modules/auxiliary/scanner/http/appletv_login.md
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-10-19 17:21:55 -04:00
24c5d8197d
Update documentation/modules/auxiliary/scanner/http/axis_login.md
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-10-19 17:21:49 -04:00
95a9a0b2ee
Update documentation/modules/auxiliary/scanner/http/appletv_login.md
...
Co-authored-by: Christophe De La Fuente <56716719+cdelafuente-r7@users.noreply.github.com >
2023-10-19 17:21:00 -04:00
1a86610b57
New documentation peice added.
2023-10-14 00:05:20 -04:00
jheysel-r7