infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Correct version

bug/bundler_fix
Christian Mehlmauer 2014-07-28 22:45:04 +02:00
parent d334797116
commit 621e85a32d
No known key found for this signature in database
GPG Key ID: BCFF4FA966BC32C7
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
modules/exploits/unix/webapp/php_wordpress_foxypress.rb
View File

@ -19,7 +19,7 @@ class Metasploit3 < Msf::Exploit::Remote
This module exploits an arbitrary PHP code execution flaw in the WordPress This module exploits an arbitrary PHP code execution flaw in the WordPress
blogging software plugin known as Foxypress. The vulnerability allows for arbitrary blogging software plugin known as Foxypress. The vulnerability allows for arbitrary
file upload and remote code execution via the uploadify.php script. The Foxypress file upload and remote code execution via the uploadify.php script. The Foxypress
plug-in versions 0.4.2.1 and below are vulnerable. plug-in versions 0.4.1.1 to 0.4.2.1 are vulnerable.
), ),
'Author' => 'Author' =>
[ [
@ -36,7 +36,7 @@ class Metasploit3 < Msf::Exploit::Remote
'Privileged' => false, 'Privileged' => false,
'Platform' => 'php', 'Platform' => 'php',
'Arch' => ARCH_PHP, 'Arch' => ARCH_PHP,
'Targets' => [['Foxypress <= 0.4.2.1', {}]], 'Targets' => [['Foxypress 0.4.1.1 - 0.4.2.1', {}]],
'DisclosureDate' => 'Jun 05 2012', 'DisclosureDate' => 'Jun 05 2012',
'DefaultTarget' => 0)) 'DefaultTarget' => 0))
end end