automatic module_metadata_base.json update

4.x
Metasploit 2019-04-15 05:50:15 -07:00
parent c0a5e36b2e
commit 3881c61eb7
No known key found for this signature in database
GPG Key ID: CDFB5FA52007B954
1 changed files with 43 additions and 0 deletions

View File

@ -3789,6 +3789,49 @@
]
}
},
"auxiliary_admin/http/wp_google_maps_sqli": {
"name": "WordPress Google Maps Plugin SQL Injection",
"full_name": "auxiliary/admin/http/wp_google_maps_sqli",
"rank": 300,
"disclosure_date": "2019-04-02",
"type": "auxiliary",
"author": [
"Thomas Chauchefoin (Synacktiv)"
],
"description": "This module exploits a SQL injection vulnerability in a REST endpoint\n registered by the WordPress plugin wp-google-maps between 7.11.00 and\n 7.11.17 (included).\n\n As the table prefix can be changed by administrators, set DB_PREFIX\n accordingly.",
"references": [
"CVE-2019-10692",
"WPVDB-9249"
],
"platform": "",
"arch": "",
"rport": 80,
"autofilter_ports": [
80,
8080,
443,
8000,
8888,
8880,
8008,
3000,
8443
],
"autofilter_services": [
"http",
"https"
],
"targets": null,
"mod_time": "2019-04-15 07:06:27 +0000",
"path": "/modules/auxiliary/admin/http/wp_google_maps_sqli.rb",
"is_install_path": true,
"ref_name": "admin/http/wp_google_maps_sqli",
"check": true,
"post_auth": false,
"default_credential": false,
"notes": {
}
},
"auxiliary_admin/http/wp_symposium_sql_injection": {
"name": "WordPress Symposium Plugin SQL Injection",
"full_name": "auxiliary/admin/http/wp_symposium_sql_injection",