Remove warning about destroying install
parent
9a068e9221
commit
af9d7727ad
|
@ -11,7 +11,6 @@ Content-Lenght: <file-length>
|
||||||
|
|
||||||
The vulnerability is in the "FileName" parameter, which accepts directory traversal (..\\..\\) characters. Therefore, this function can be abused to overwrite any files in the installation drive of CMS Server.
|
The vulnerability is in the "FileName" parameter, which accepts directory traversal (..\\..\\) characters. Therefore, this function can be abused to overwrite any files in the installation drive of CMS Server.
|
||||||
|
|
||||||
Note that this exploit will destroy the CMS installation - it will replace a key DLL!
|
|
||||||
This vulnerability is exploitable in CMS versions up to and including v2.4.
|
This vulnerability is exploitable in CMS versions up to and including v2.4.
|
||||||
|
|
||||||
This module will either use a provided session number (which can be guessed with an auxiliary module) or attempt to login using a provided username and password - it will also try the default credentials if nothing is provided.
|
This module will either use a provided session number (which can be guessed with an auxiliary module) or attempt to login using a provided username and password - it will also try the default credentials if nothing is provided.
|
||||||
|
|
Loading…
Reference in New Issue