infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

automatic module_metadata_base.json update

GSoC/Meterpreter_Web_Console
Metasploit 2018-11-29 11:43:11 -08:00
parent 88ca775fd3
commit 0f1923fc9a
No known key found for this signature in database
GPG Key ID: CDFB5FA52007B954
1 changed files with 50 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
db/modules_metadata_base.json
View File

@ -3913,6 +3913,56 @@
"notes": { "notes": {
} }
}, },
"auxiliary_admin/http/wp_gdpr_compliance_privesc": {
"name": "WordPress WP GDPR Compliance Plugin Privilege Escalation",
"full_name": "auxiliary/admin/http/wp_gdpr_compliance_privesc",
"rank": 300,
"disclosure_date": "2018-11-08",
"type": "auxiliary",
"author": [
"Mikey Veenstra (WordFence)",
"Thomas Labadie"
],
"description": "The Wordpress GDPR Compliance plugin <= v1.4.2 allows unauthenticated users to set\n wordpress administration options by overwriting values within the database.\n\n The vulnerability is present in WordPresss admin-ajax.php, which allows unauthorized\n users to trigger handlers and make configuration changes because of a failure to do\n capability checks when executing the 'save_setting' internal action.\n\n WARNING: The module sets Wordpress configuration options without reading their current\n values and restoring them later.",
"references": [
"URL-https://www.wordfence.com/blog/2018/11/privilege-escalation-flaw-in-wp-gdpr-compliance-plugin-exploited-in-the-wild/",
"CVE-2018-19207",
"WPVDB-9144"
],
"is_server": false,
"is_client": false,
"platform": "",
"arch": "",
"rport": 80,
"autofilter_ports": [
80,
8080,
443,
8000,
8888,
8880,
8008,
3000,
8443
],
"autofilter_services": [
"http",
"https"
],
"targets": null,
"mod_time": "2018-11-29 06:35:37 +0000",
"path": "/modules/auxiliary/admin/http/wp_gdpr_compliance_privesc.rb",
"is_install_path": true,
"ref_name": "admin/http/wp_gdpr_compliance_privesc",
"check": true,
"post_auth": true,
"default_credential": true,
"notes": {
"SideEffects": [
"config-changes"
]
}
},
"auxiliary_admin/http/wp_symposium_sql_injection": { "auxiliary_admin/http/wp_symposium_sql_injection": {
"name": "WordPress Symposium Plugin SQL Injection", "name": "WordPress Symposium Plugin SQL Injection",
"full_name": "auxiliary/admin/http/wp_symposium_sql_injection", "full_name": "auxiliary/admin/http/wp_symposium_sql_injection",