Joomla Content History SQL Injection Remote Code Execution Exploit

Posted on Posted in Exploit, Metasploit Modul

Full title Joomla Content History SQL Injection Remote Code Execution Exploit Date add 21-11-2015 Category web applications Platform php Risk Security Risk Critical CVE CVE-2015-7297, CVE-2015-7857, CVE-2015-7858 Description: This Metasploit module exploits a SQL injection vulnerability found in Joomla versions 3.2 up to 3.4.4. The vulnerability exists in the Content History administrator component in the […]

Advantech Switch Bash Environment Variable Code Injection Exploit

Posted on Posted in Exploit, Metasploit Modul

Full title Advantech Switch Bash Environment Variable Code Injection Exploit Date add 02-12-2015 Category remote exploits Platform cgi Risk Security Risk Critical CVE CVE-2014-6271 Description: This Metasploit module exploits the Shellshock vulnerability, a flaw in how the Bash shell handles external environment variables. This Metasploit module targets the ‘ping.sh’ CGI script, accessible through the Boa […]

WordPress Ajax Load More Plugin 2.8.1.1 Upload Shell Exploit

Posted on Posted in Exploit, Metasploit Modul

Full title WordPress Ajax Load More Plugin 2.8.1.1 Upload Shell Exploit Date add 09-11-2015 Category web applications Platform php Risk Security Risk Critical Description: This Metasploit module exploits an arbitrary file upload in the WordPress Ajax Load More version 2.8.1.1. It allows you to upload arbitrary php files and get remote code execution. This Metasploit […]

Nibbleblog File Upload Vulnerability

Posted on Posted in Exploit, Metasploit Modul

EDB-ID: 38489 CVE: N/A OSVDB-ID: N/A Verified: YES Author: metasploit Published: 2015-10-19 Download Exploit: Source Raw Download Vulnerable App: download ## # This module requires Metasploit: http://www.metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require ‘msf/core’ class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient include Msf::Exploit::FileDropper def initialize(info = {}) super(update_info( info, ‘Name’ => ‘Nibbleblog File […]