infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Module description update. TARGETURI description update.

unstable
sinn3r 2012-05-23 18:33:32 -05:00
parent fab3bfcea1
commit 8d837f5d20
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
modules/exploits/multi/http/apprain_upload_exec.rb
View File

@ -17,14 +17,14 @@ class Metasploit3 < Msf::Exploit::Remote
'Name' => "appRain CMF Arbitrary PHP File Upload Vulnerability",
'Description' => %q{
This module exploits a vulnerability found in appRain's Content Management
Framework (CMF), version 0.1.5 or less. By abusing the uploadify.php, a malicious
user can upload a file to the uploads/ directory without any authentication,
which results in arbitrary code execution.
Framework (CMF), version 0.1.5 or less. By abusing the uploadify.php file, a
malicious user can upload a file to the uploads/ directory without any
authentication, which results in arbitrary code execution.
},
'License' => MSF_LICENSE,
'Author' =>
[
'EgiX',
'EgiX', #Discovery, PoC
'sinn3r' #Metasploit
],
'References' =>
@ -53,7 +53,7 @@ class Metasploit3 < Msf::Exploit::Remote
register_options(
[
OptString.new('TARGETURI', [true, 'The path to appRain', '/appRain-q-0.1.5'])
OptString.new('TARGETURI', [true, 'The base path to appRain', '/appRain-q-0.1.5'])
], self.class)
end