metasploit-gs

Author	SHA1	Message	Date
jheysel-r7	f5aafdcfdf	Merge pull request #20046 from Takahiro-Yoko/bentoml_runner_server_rce_cve_2025_32375 Add BentoML's runner server unauth RCE module (CVE-2025-32375)	2025-04-22 12:32:08 -07:00
bcoles	1da0ebff66	exploit/solaris/sunrpc/sadmind_*: Cleanup and add documentation	2025-04-22 13:33:25 +10:00
Brendan	98702a6326	Merge pull request #20044 from jheysel-r7/cve_2025_21293 Updated service_permissions with action to exploit CVE-2025-21293	2025-04-17 13:24:46 -05:00
Takah1ro	e1b5109c70	Add BentoML RCE module (CVE-2025-32375)	2025-04-17 20:46:43 +09:00
Jack Heysel	3ead0fdf42	Add check for is_uac_enabled?	2025-04-16 17:59:53 -07:00
Jack Heysel	9a95f60df6	Updated service_permissions with action to exploit CVE-2025-21293	2025-04-16 10:55:05 -07:00
Takah1ro	edcc30699a	Make user be able to specify a particular endpoint	2025-04-16 21:47:31 +09:00
Takahiro Yokoyama	8dc4beba7f	Update documentation/modules/exploit/linux/http/bentoml_rce_cve_2025_27520.md Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>	2025-04-16 20:48:34 +09:00
Takah1ro	a33a8d91fe	Update the document	2025-04-16 12:52:15 +09:00
Takah1ro	e51cd24383	Add BentoML RCE module (CVE-2025-27520)	2025-04-15 22:46:42 +09:00
msutovsky-r7	140b93e802	Land #20022 , Langflow RCE module Add Langflow unauth RCE module (CVE-2025-3248)	2025-04-14 08:24:44 +02:00
Takah1ro	c7fdcc8e91	Update the document	2025-04-12 10:21:13 +09:00
Takah1ro	f67dfe6a62	Update check	2025-04-11 21:51:45 +09:00
Takahiro Yokoyama	0c20606c8c	Update documentation/modules/exploit/multi/http/langflow_unauth_rce_cve_2025_3248.md Co-authored-by: Julien Voisin <jvoisin@users.noreply.github.com>	2025-04-11 20:44:03 +09:00
msutovsky-r7	0b4e133001	Land #20018 , pgAdmin Authenticated RCE (CVE-2025-2945) pgAdmin Query Tool Authenticated RCE (CVE-2025-2945)	2025-04-11 10:34:02 +02:00
Takah1ro	718a0bc5c7	Change directory from linux to multi	2025-04-11 14:45:10 +09:00
Takah1ro	b613b0a41b	Add Langflow unauth RCE module (CVE-2025-3248)	2025-04-11 14:07:54 +09:00
Jack Heysel	4cec129e1c	Responded to comments	2025-04-10 10:53:05 -07:00
Jack Heysel	ddb29d6181	Removed unnecessary method	2025-04-10 07:18:42 -07:00
Jack Heysel	290a35b0f6	pgAdmin Query Tool Authenticated RCE (CVE-2025-2945)	2025-04-09 17:32:10 -07:00
Brendan	4da78bd550	Merge pull request #19994 from sfewer-r7/CVE-2021-35587 Adds exploit module for CVE-2021-35587, an unauthenticated deserialization vulnerability affecting Oracle Access Manager (OAM).	2025-04-08 08:59:18 -05:00
Stephen Fewer	03f5291bcc	Improve the documentation, fix typo in console commands, add comment to wait for DB container to complete setup (Thanks Brendan). Co-authored-by: Brendan <bwatters@rapid7.com>	2025-04-08 09:41:47 +01:00
Stephen Fewer	16e374750f	Improve the documentation, add steps to create /opt/oracle/user_projects (thanks Brendan). Co-authored-by: Brendan <bwatters@rapid7.com>	2025-04-08 09:40:21 +01:00
msutovsky-r7	fe9a0ad25b	Land #20008 , PandoraFMS Auth RCE module Pandora FMS authenticated RCE [CVE-2024-12971]	2025-04-08 07:50:28 +02:00
h00die-gr3y	76fb34a5db	small update in description of the module and documentation	2025-04-06 10:49:03 +00:00
h00die-gr3y	8a72fd6861	init module and documentation	2025-04-06 10:33:56 +00:00
Takah1ro	139dd50333	Add Appsmith RCE module (CVE-2024-55964)	2025-04-05 14:56:04 +09:00
jheysel-r7	d16eeab32c	Merge pull request #19995 from chutton-r7/cve-2025-24813 Module for CVE-2025-24813	2025-04-02 14:20:52 -07:00
Jack Heysel	b85faf9440	Update documentation	2025-04-02 14:10:46 -07:00
Jack Heysel	6816589378	Added FileDropper for cleanup	2025-04-02 13:37:39 -07:00
Jack Heysel	fefb954827	Correct Tomcat version listed in Scenarios section	2025-04-02 13:02:26 -07:00
Jack Heysel	4058173a1c	Correct spelling	2025-04-02 12:57:20 -07:00
sfewer-r7	b44540bc35	update docs to give some more detail on the testing setup	2025-04-02 20:51:39 +01:00
Jack Heysel	1e58d419f6	Updated docs, added Setup steps	2025-04-02 12:03:21 -07:00
sfewer-r7	dc74b37577	add in a scenario for the Unix Command target to the docs	2025-04-02 15:32:18 +01:00
chutton-r7	917aaeb027	Add module docs	2025-04-02 10:22:01 +01:00
sfewer-r7	c5d3512659	update docs	2025-04-01 13:05:28 +01:00
sfewer-r7	acafd884b5	add in the initial exploit for CVE-2021-35587, only tested on 12.2.1.4.0 so far.	2025-04-01 12:56:38 +01:00
jheysel-r7	5505bb5ef1	Merge pull request #19947 from machang-r7/machang-r7-module-cve-2025-27218 Create sitecore_xp_cve_2025_27218.rb	2025-03-28 07:40:28 -07:00
Diego Ledda	985cea3278	Land #19980 , Add CMSMadeSimple (CMSMS) File Manager Auth RCE (CVE-2023-36969) Land #19980, Add CMSMadeSimple (CMSMS) File Manager Auth RCE (CVE-2023-36969)	2025-03-28 12:24:30 +01:00
jheysel-r7	08e227faca	Merge pull request #19934 from sfewer-r7/bugfix-cisco-iosxe-rce Improve exploit/linux/misc/cisco_ios_xe_rce (CVE-2023-20198 + CVE-2023-20273)	2025-03-27 16:51:16 -07:00
Jack Heysel	fa0c29837e	Update author, rubocop, msftidy_docs	2025-03-27 09:36:10 -07:00
Jack Heysel	74cc1d313c	Add documentation	2025-03-27 09:28:44 -07:00
tastyrce	8479350b3e	Update documentation Co-authored-by: cgranleese-r7 <69522014+cgranleese-r7@users.noreply.github.com>	2025-03-28 03:17:47 +11:00
tastyrce	8423d6ff87	Update removal of default page while installation Co-authored-by: Diego Ledda <diego_ledda@rapid7.com>	2025-03-27 22:11:21 +11:00
tastyrce	9bdff3e803	Add extra dependencies during installation Co-authored-by: Diego Ledda <diego_ledda@rapid7.com>	2025-03-27 22:10:32 +11:00
Spencer McIntyre	bf1f919d9f	Merge pull request #19957 from msutovsky-r7/auxmodule-eramba-update Auxmodule eramba update	2025-03-25 13:54:24 -04:00
tastyrce	162e73a62e	add module documentation	2025-03-22 04:57:38 -04:00
Martin Sutovsky	d922976ea4	Adding more clear installation steps	2025-03-20 19:54:57 +01:00
Martin Sutovsky	df027f3fdd	Update documentation, adding more precise check, removing unnecessary characters	2025-03-20 15:18:55 +01:00

1 2 3 4 5 ...

4143 Commits