infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

More references and pass msftidy

bug/bundler_fix
sinn3r 2014-09-16 12:54:27 -05:00
parent 7a7b6cb443
commit 158d4972d9
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
modules/exploits/multi/http/phpwiki_ploticus_exec.rb
View File

@ -13,9 +13,10 @@ class Metasploit3 < Msf::Exploit::Remote
def initialize(info = {})
super(update_info(info,
'Name' => 'Phpwiki ploticus Remote Code Execution',
'Name' => 'Phpwiki Ploticus Remote Code Execution',
'Description' => %q{
The Ploticus module in PhpWiki 1.5.0 allows remote attackers to execute arbitrary code via command injection.
The Ploticus module in PhpWiki 1.5.0 allows remote attackers to execute arbitrary
code via command injection.
},
'Author' =>
[
@ -27,7 +28,9 @@ class Metasploit3 < Msf::Exploit::Remote
[
[ 'CVE', '2014-5519' ],
[ 'OSVDB', '110576' ],
[ 'EDB', '34451']
[ 'EDB', '34451'],
[ 'URL', 'https://sourceforge.net/p/phpwiki/code/8974/?page=1' ], # This commit prevents exploitation
[ 'URL', 'http://seclists.org/fulldisclosure/2014/Aug/77' ] # The day the vuln went public
],
'Payload' =>
{