Module description update. TARGETURI description update.
parent
fab3bfcea1
commit
8d837f5d20
|
@ -17,14 +17,14 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
'Name' => "appRain CMF Arbitrary PHP File Upload Vulnerability",
|
||||
'Description' => %q{
|
||||
This module exploits a vulnerability found in appRain's Content Management
|
||||
Framework (CMF), version 0.1.5 or less. By abusing the uploadify.php, a malicious
|
||||
user can upload a file to the uploads/ directory without any authentication,
|
||||
which results in arbitrary code execution.
|
||||
Framework (CMF), version 0.1.5 or less. By abusing the uploadify.php file, a
|
||||
malicious user can upload a file to the uploads/ directory without any
|
||||
authentication, which results in arbitrary code execution.
|
||||
},
|
||||
'License' => MSF_LICENSE,
|
||||
'Author' =>
|
||||
[
|
||||
'EgiX',
|
||||
'EgiX', #Discovery, PoC
|
||||
'sinn3r' #Metasploit
|
||||
],
|
||||
'References' =>
|
||||
|
@ -53,7 +53,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
|
||||
register_options(
|
||||
[
|
||||
OptString.new('TARGETURI', [true, 'The path to appRain', '/appRain-q-0.1.5'])
|
||||
OptString.new('TARGETURI', [true, 'The base path to appRain', '/appRain-q-0.1.5'])
|
||||
], self.class)
|
||||
end
|
||||
|
||||
|
|
Loading…
Reference in New Issue