>> ARCHIVE: 2017-09

This Metasploit module exploits a directory traversal vulnerability found in Carlo Gavazzi Powersoft versions 2.1.1.1 and below. The vulnerability is triggered when sending a specially crafted GET request to the…

This Metasploit module exploits a flaw found in Indusoft Web Studio versions 7.1 and below before SP2 Patch 4. This specific flaw allows users to browse outside of the webroot…

ICAffiliateTracking version 1.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

ICSiteBuilder version 1.1 suffers from a remote SQL injection vulnerability.

Carel PlantVisor version 2.4.4 suffers from a directory traversal vulnerability.

This Metasploit module exploits a stack based buffer overflow vulnerability found in Dameware Mini Remote Control v4.0. The overflow is caused when sending an overly long username to the DWRCS…

This Metasploit module exploits a file upload vulnerability found within Cloudview NMS versions prior to 2.00b. The vulnerability is triggered by sending specialized packets to the server with directory traversal…

This Metasploit module exploits a command injection vulnerability found within the sync_rserver function in Util.pm. The vulnerability is triggered due to an incomplete blacklist during the parsing of the $uuid…

Proof of concept exploit for a Microsoft Windows .NET Framework remote code execution vulnerability. It spawns mspaint.

This Metasploit module exploits a vulnerability found in Cloudview NMS server. The software contains a directory traversal vulnerability that allows a remote attacker to write arbitrary file to the file…