infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

automatic module_metadata_base.json update

master
Metasploit 2018-12-11 10:12:09 -08:00
parent ae089ce573
commit afa5b5db57
No known key found for this signature in database
GPG Key ID: CDFB5FA52007B954
1 changed files with 49 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
db/modules_metadata_base.json
View File

@ -70458,6 +70458,55 @@
"notes": {
}
},
"exploit_multi/php/wp_duplicator_code_inject": {
"name": "Snap Creek Duplicator WordPress plugin code injection",
"full_name": "exploit/multi/php/wp_duplicator_code_inject",
"rank": 0,
"disclosure_date": "2018-08-29",
"type": "exploit",
"author": [
"Julien Legras <julien.legras@synacktiv.com>",
"Thomas Chauchefoin <thomas.chauchefoin@synacktiv.com>"
],
"description": "When the WordPress plugin Snap Creek Duplicator restores a backup, it\n leaves dangerous files in the filesystem such as installer.php and\n installer-backup.php. These files allow anyone to call a function that\n overwrite the wp-config.php file AND this function does not sanitize\n POST parameters before inserting them inside the wp-config.php file,\n leading to arbitrary PHP code execution.\n WARNING: This exploit WILL break the wp-config.php file. If possible try\n to restore backups of the configuration after the exploit to make the\n WordPress site work again.",
"references": [
"URL-https://www.synacktiv.com/ressources/advisories/WordPress_Duplicator-1.2.40-RCE.pdf",
"WPVDB-9123",
"CVE-2018-17207"
],
"is_server": true,
"is_client": false,
"platform": "PHP",
"arch": "php",
"rport": 80,
"autofilter_ports": [
80,
8080,
443,
8000,
8888,
8880,
8008,
3000,
8443
],
"autofilter_services": [
"http",
"https"
],
"targets": [
"WordPress Duplicator <= 1.2.40"
],
"mod_time": "2018-12-11 11:59:19 +0000",
"path": "/modules/exploits/multi/php/wp_duplicator_code_inject.rb",
"is_install_path": true,
"ref_name": "multi/php/wp_duplicator_code_inject",
"check": true,
"post_auth": false,
"default_credential": false,
"notes": {
}
},
"exploit_multi/postgres/postgres_createlang": {
"name": "PostgreSQL CREATE LANGUAGE Execution",
"full_name": "exploit/multi/postgres/postgres_createlang",