Firefox PDF.js Privileged Javascript Injection
This Metasploit module gains remote code execution on Firefox 35-36 by abusing a privilege escalation bug in resource:// URIs. PDF.js is used to exploit the bug. This exploit requires the user to click...
View ArticleNibbleblog File Upload
Nibbleblog contains a flaw that allows an authenticated remote attacker to execute arbitrary PHP code. This Metasploit module was tested on version 4.0.3.
View ArticleWordPress Ajax Load More PHP Upload
This Metasploit module exploits an arbitrary file upload in the WordPress Ajax Load More version 2.8.1.1. It allows you to upload arbitrary php files and get remote code execution. This Metasploit...
View ArticleAlienVault USM/OSSIM 5.3.4 / 5.3.5 Remote Command Execution
This Metasploit module exploits an unauthenticated command injection in Alienvault USM/OSSIM versions 5.3.4 and 5.3.5. The vulnerability lies in an API function that does not check for authentication...
View ArticleHP Mercury LoadRunner Agent magentproc.exe Remote Command Execution
This Metasploit module exploits a remote command execution vulnerability in HP LoadRunner before 9.50 and also HP Performance Center before 9.50. HP LoadRunner 12.53 and other versions are also most...
View Article