metasploit-gs

Author	SHA1	Message	Date
msutovsky-r7	0b4e133001	Land #20018 , pgAdmin Authenticated RCE (CVE-2025-2945) pgAdmin Query Tool Authenticated RCE (CVE-2025-2945)	2025-04-11 10:34:02 +02:00
Jack Heysel	4cec129e1c	Responded to comments	2025-04-10 10:53:05 -07:00
Jack Heysel	ddb29d6181	Removed unnecessary method	2025-04-10 07:18:42 -07:00
Jack Heysel	290a35b0f6	pgAdmin Query Tool Authenticated RCE (CVE-2025-2945)	2025-04-09 17:32:10 -07:00
Brendan	4da78bd550	Merge pull request #19994 from sfewer-r7/CVE-2021-35587 Adds exploit module for CVE-2021-35587, an unauthenticated deserialization vulnerability affecting Oracle Access Manager (OAM).	2025-04-08 08:59:18 -05:00
Stephen Fewer	03f5291bcc	Improve the documentation, fix typo in console commands, add comment to wait for DB container to complete setup (Thanks Brendan). Co-authored-by: Brendan <bwatters@rapid7.com>	2025-04-08 09:41:47 +01:00
Stephen Fewer	16e374750f	Improve the documentation, add steps to create /opt/oracle/user_projects (thanks Brendan). Co-authored-by: Brendan <bwatters@rapid7.com>	2025-04-08 09:40:21 +01:00
msutovsky-r7	fe9a0ad25b	Land #20008 , PandoraFMS Auth RCE module Pandora FMS authenticated RCE [CVE-2024-12971]	2025-04-08 07:50:28 +02:00
h00die-gr3y	76fb34a5db	small update in description of the module and documentation	2025-04-06 10:49:03 +00:00
h00die-gr3y	8a72fd6861	init module and documentation	2025-04-06 10:33:56 +00:00
Takah1ro	139dd50333	Add Appsmith RCE module (CVE-2024-55964)	2025-04-05 14:56:04 +09:00
remmons-r7	e9070e3472	crushftp_authbypass_cve_2025_2825.md	2025-04-02 20:06:57 -05:00
jheysel-r7	d16eeab32c	Merge pull request #19995 from chutton-r7/cve-2025-24813 Module for CVE-2025-24813	2025-04-02 14:20:52 -07:00
Jack Heysel	b85faf9440	Update documentation	2025-04-02 14:10:46 -07:00
Jack Heysel	6816589378	Added FileDropper for cleanup	2025-04-02 13:37:39 -07:00
Jack Heysel	fefb954827	Correct Tomcat version listed in Scenarios section	2025-04-02 13:02:26 -07:00
Jack Heysel	4058173a1c	Correct spelling	2025-04-02 12:57:20 -07:00
sfewer-r7	b44540bc35	update docs to give some more detail on the testing setup	2025-04-02 20:51:39 +01:00
Jack Heysel	1e58d419f6	Updated docs, added Setup steps	2025-04-02 12:03:21 -07:00
sfewer-r7	dc74b37577	add in a scenario for the Unix Command target to the docs	2025-04-02 15:32:18 +01:00
chutton-r7	917aaeb027	Add module docs	2025-04-02 10:22:01 +01:00
sfewer-r7	c5d3512659	update docs	2025-04-01 13:05:28 +01:00
sfewer-r7	acafd884b5	add in the initial exploit for CVE-2021-35587, only tested on 12.2.1.4.0 so far.	2025-04-01 12:56:38 +01:00
jheysel-r7	e841a45db2	Merge pull request #19985 from sjanusz-r7/add-pfsense-login-scanner Add pfSense Login Scanner module	2025-03-28 11:12:43 -07:00
jheysel-r7	5505bb5ef1	Merge pull request #19947 from machang-r7/machang-r7-module-cve-2025-27218 Create sitecore_xp_cve_2025_27218.rb	2025-03-28 07:40:28 -07:00
sjanusz-r7	b5ef4cdd6f	Add pfSense login scanner docs	2025-03-28 11:35:56 +00:00
Diego Ledda	985cea3278	Land #19980 , Add CMSMadeSimple (CMSMS) File Manager Auth RCE (CVE-2023-36969) Land #19980, Add CMSMadeSimple (CMSMS) File Manager Auth RCE (CVE-2023-36969)	2025-03-28 12:24:30 +01:00
jheysel-r7	08e227faca	Merge pull request #19934 from sfewer-r7/bugfix-cisco-iosxe-rce Improve exploit/linux/misc/cisco_ios_xe_rce (CVE-2023-20198 + CVE-2023-20273)	2025-03-27 16:51:16 -07:00
Jack Heysel	fa0c29837e	Update author, rubocop, msftidy_docs	2025-03-27 09:36:10 -07:00
Jack Heysel	74cc1d313c	Add documentation	2025-03-27 09:28:44 -07:00
tastyrce	8479350b3e	Update documentation Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com>	2025-03-28 03:17:47 +11:00
tastyrce	8423d6ff87	Update removal of default page while installation Co-authored-by: Diego Ledda <diego_ledda@rapid7.com>	2025-03-27 22:11:21 +11:00
tastyrce	9bdff3e803	Add extra dependencies during installation Co-authored-by: Diego Ledda <diego_ledda@rapid7.com>	2025-03-27 22:10:32 +11:00
jheysel-r7	26869588db	Merge pull request #19987 from zeroSteiner/fix/mod/ivanti-login Update the Ivanti and Sonicwall Bruteforce modules	2025-03-26 15:06:10 -07:00
Spencer McIntyre	30d071e098	Make the same changes for sonicwall	2025-03-26 17:25:13 -04:00
Spencer McIntyre	7476ea9006	Brute force modules should be named service_login	2025-03-26 16:14:16 -04:00
Diego Ledda	9c42bdd103	Land #19974 , GLPI Inventory Plugin Unauth Blind Boolean SQLi (CVE-2025-24799) Land #19974, GLPI Inventory Plugin Unauth Blind Boolean SQLi (CVE-2025-24799)	2025-03-25 19:45:54 +01:00
Spencer McIntyre	bf1f919d9f	Merge pull request #19957 from msutovsky-r7/auxmodule-eramba-update Auxmodule eramba update	2025-03-25 13:54:24 -04:00
tastyrce	162e73a62e	add module documentation	2025-03-22 04:57:38 -04:00
Jack Heysel	cde6034614	Account for all vulnerable version DB schemas	2025-03-20 13:09:17 -07:00
Martin Sutovsky	d922976ea4	Adding more clear installation steps	2025-03-20 19:54:57 +01:00
Martin Sutovsky	df027f3fdd	Update documentation, adding more precise check, removing unnecessary characters	2025-03-20 15:18:55 +01:00
bwatters-r7	ec67435de9	Rebase and squash for CVE-2024-30085	2025-03-20 09:03:28 -05:00
Jack Heysel	e3d9561be1	GLPI Inventory Plugin Unauthenticated Blind Boolean SQLi (CVE-2025-24799)	2025-03-19 12:50:40 -07:00
Christophe De La Fuente	d4fd890fed	Add the smb_to_ldap relay module and documentation	2025-03-14 15:28:39 +01:00
msutovsky-r7	9961bfbc58	Land #19950 , module for InvoiceShelf unauthenticated PHP deserialization InvoiceShelf unauthenticated PHP deserialization vulnerability [CVE-2024-55556]	2025-03-14 10:21:56 +01:00
Martin Sutovsky	9886f78575	Upgrade Eramba RCE module	2025-03-13 12:34:50 +01:00
h00die-gr3y	e341398871	small update on module and documentation	2025-03-10 19:35:37 +00:00
H00die.Gr3y	44bdc5b44f	Update documentation/modules/exploit/linux/http/invoiceshelf_unauth_rce_cve_2024_55556.md Co-authored-by: msutovsky-r7 <martin_sutovsky@rapid7.com>	2025-03-10 19:29:12 +01:00
h00die-gr3y	281b728000	initial module and documentation	2025-03-07 17:34:22 +00:00

1 2 3 4 5 ...

6982 Commits