rapid7/metasploit-framework

Showing 7,361 of 22,177 total issues

Method initialize has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(update_info(info,
      'Name'        => 'Trend Micro Threat Discovery Appliance admin_sys_time.cgi Remote Command Execution',
      'Description' => %q{
          This module exploits two vulnerabilities the Trend Micro Threat Discovery Appliance.

Method do_login has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def do_login
    res = send_request_cgi(
    {
      'uri'     => '/en-US/account/login',
      'method'  => 'GET'
Severity: Major
Found in modules/exploits/multi/http/splunk_mappy_exec.rb - About 2 hrs to fix

Method initialize has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(update_info(info,
      'Name'        => 'JBoss Java Class DeploymentFileRepository WAR Deployment',
      'Description' => %q{
          This module uses the DeploymentFileRepository class in
Severity: Major
Found in modules/exploits/multi/http/jboss_deploymentfilerepository.rb - About 2 hrs to fix

Method initialize has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info={})
    super(update_info(info,
      'Name'           => "Dell SonicWALL Scrutinizer 11.01 methodDetail SQL Injection",
      'Description'    => %q{
        This module exploits a vulnerability found in Dell SonicWALL Scrutinizer. The methodDetail

Method initialize has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'qdPM 9.1 Authenticated Arbitrary PHP File Upload (RCE)',
Severity: Major
Found in modules/exploits/multi/http/qdpm_authenticated_rce.rb - About 2 hrs to fix

Method initialize has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'Moodle Teacher Enrollment Privilege Escalation to RCE',

Method initialize has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'PHP CGI Argument Injection',
Severity: Major
Found in modules/exploits/multi/http/php_cgi_arg_injection.rb - About 2 hrs to fix

Method initialize has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(update_info(info,
      'Name'            => 'Oracle Forms and Reports Remote Code Execution',
      'Description'     => %q{
      This module uses two vulnerabilities in Oracle Forms and Reports to get remote code execution
Severity: Major
Found in modules/exploits/multi/http/oracle_reports_rce.rb - About 2 hrs to fix

Method exploit has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def exploit
    payload_name = rand_text_alpha(rand(10) + 5) + '.php'

    print_status("Using SQL injection to acquire credentials")
    user = database_get_field('users', 'name', 0)
Severity: Major
Found in modules/exploits/multi/http/dexter_casinoloader_exec.rb - About 2 hrs to fix

Method initialize has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'Apple iOS Default SSH Password Vulnerability',
Severity: Major
Found in modules/exploits/apple_ios/ssh/cydia_default_ssh.rb - About 2 hrs to fix

Method exploit has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def exploit

    if target.name =~ /Windows/
      print_status("Creating payload vbs script")
      encoded_payload = generate_payload_exe().unpack("H*").join
Severity: Major
Found in modules/exploits/multi/misc/indesign_server_soap.rb - About 2 hrs to fix

Method initialize has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(update_info(info,
      'Name'           => 'EasyFTP Server MKD Command Stack Buffer Overflow',
      'Description'    => %q{
          This module exploits a stack-based buffer overflow in EasyFTP Server 1.7.0.11
Severity: Major
Found in modules/exploits/windows/ftp/easyftp_mkd_fixret.rb - About 2 hrs to fix

Method initialize has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'mySCADA MyPRO Authenticated Command Injection (CVE-2023-28384)',
Severity: Major
Found in modules/exploits/windows/scada/mypro_cmdexe.rb - About 2 hrs to fix

Method initialize has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'Lexmark Driver Privilege Escalation',
Severity: Major
Found in modules/exploits/windows/local/lexmark_driver_privesc.rb - About 2 hrs to fix

Method initialize has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'Windows SetImeInfoEx Win32k NULL Pointer Dereference',
Severity: Major
Found in modules/exploits/windows/local/ms18_8120_win32k_privesc.rb - About 2 hrs to fix

Method exploit has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def exploit
    # Make sure we meet the requirements before running the script
    if !(session.type == "meterpreter" || have_powershell?)
      print_error("Incompatible Environment")
      return
Severity: Major
Found in modules/exploits/windows/local/ps_persist.rb - About 2 hrs to fix

Method initialize has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        {
Severity: Major
Found in modules/exploits/windows/local/ms13_053_schlamperei.rb - About 2 hrs to fix

Method initialize has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(update_info(info,
      'Name'           => 'HTTPDX h_handlepeer() Function Buffer Overflow',
      'Description'    => %q{
          This module exploits a stack-based buffer overflow vulnerability in HTTPDX HTTP server 1.4. The
Severity: Major
Found in modules/exploits/windows/http/httpdx_handlepeer.rb - About 2 hrs to fix

Method initialize has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(update_info(info,
      'Name'        => 'Computer Associates License Client GETCONFIG Overflow',
      'Description'    => %q{
          This module exploits a vulnerability in the CA License Client
Severity: Major
Found in modules/exploits/windows/license/calicclnt_getconfig.rb - About 2 hrs to fix

Method initialize has 52 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'AdminStudio LaunchHelp.dll ActiveX Arbitrary Code Execution',
Severity: Major
Found in modules/exploits/windows/browser/zenworks_helplauncher_exec.rb - About 2 hrs to fix