Commit Graph

429 Commits (94e7164b0143b60b09bfaeac85d9c0152ecc072d)

Author SHA1 Message Date
Tod Beardsley 8d7396d60a Minor description changes on new modules 2013-07-08 16:24:40 -05:00
jvazquez-r7 f3f3a8239e Land #2043, @ricardojba exploit for InstantCMS 2013-07-03 12:11:30 -05:00
jvazquez-r7 c07e65d16e Improve and clean instantcms_exec 2013-07-03 11:37:57 -05:00
Ricardo Almeida dd876008f9 Update instantcms_exec.rb 2013-07-02 17:26:14 +01:00
Ricardo Almeida dafa333e57 Update instantcms_exec.rb 2013-07-01 22:03:37 +01:00
Tod Beardsley bc24f99f8d Various description and title updates 2013-07-01 15:37:37 -05:00
Ricardo Almeida 760133d878 Error on line 60 2013-07-01 12:04:03 -04:00
Ricardo Almeida 4cd08966ff added InstantCMS 1.6 PHP Code Injection 2013-07-01 11:44:47 -04:00
jvazquez-r7 867eed7957 Make msftidy happy 2013-06-30 10:01:40 -05:00
jvazquez-r7 db00599d44 Move carberp_backdoor_exec to unix webapp exploits foler 2013-06-30 10:00:14 -05:00
Steve Tornio 6ea622c45e reference updates 2013-06-26 09:44:56 -05:00
sinn3r 4df943d1a2 CVE and OSVDB update 2013-06-25 02:06:20 -05:00
sinn3r 5b0092ff39 Land #2006 - Ref updates 2013-06-23 18:26:48 -05:00
Steve Tornio 14850cd387 reference updates for multiple modules 2013-06-22 07:28:04 -05:00
sinn3r 339f2a5c83 Hmmm, one extra ',' 2013-06-21 21:29:17 -05:00
sinn3r 8d422c9a39 Forgot to randomize the fake pass and remove the payload during testing 2013-06-21 21:27:11 -05:00
sinn3r e7d75d6d16 Add OSVDB-94038: ZPanel htpasswd Module Username Command Execution 2013-06-21 21:03:10 -05:00
jvazquez-r7 494ee160af Fix indent 2013-06-19 23:12:12 -05:00
jvazquez-r7 2d99c46414 Land #1990, @wchen-r7's exploit for Libretto CMS 2013-06-19 23:11:34 -05:00
sinn3r 079477c57d Commit final version 2013-06-19 20:35:24 -05:00
sinn3r 62b23bc594 Initial (incomplete) commit 2013-06-19 16:59:15 -05:00
James Lee 81b4efcdb8 Fix requires for PhpEXE
And incidentally fix some msftidy complaints
2013-06-19 16:27:59 -05:00
sinn3r d347be35e9 Land #1986 - Restores MoinMoin during exploitation 2013-06-19 12:14:10 -05:00
jvazquez-r7 a894dc83c2 Try restore also at exploiting time 2013-06-19 11:35:52 -05:00
sinn3r 7b0977f897 Change base path 2013-06-19 11:33:45 -05:00
sinn3r f0c81ed3cc Correct disclosure date 2013-06-19 03:00:32 -05:00
sinn3r 67593d6ef4 Eh, PHP, not "php" 2013-06-19 02:34:49 -05:00
sinn3r 9c3bd12613 If I can't write, I want to know.
It's possible that the upload directory doesn't allow write, the
module should be aware of that.  Other reasons may be possible.
2013-06-19 02:32:30 -05:00
sinn3r 19d868748d Final version 2013-06-19 02:21:01 -05:00
sinn3r 5c1822ea17 Initial commit for havalite module 2013-06-18 19:00:42 -05:00
sinn3r 3223ea799c An invalid WritablePage option can result the same message as well. 2013-06-17 22:30:44 -05:00
jvazquez-r7 044bd2101f Authenticate against the page to modify 2013-06-17 20:34:02 -05:00
jvazquez-r7 0bd6ca2a6a Add module for CVE-2012-6081 2013-06-17 16:13:55 -05:00
h0ng10 ccef6e12d2 changed to array in array 2013-05-16 19:03:47 +02:00
h0ng10 460542506d changed to array 2013-05-16 19:01:20 +02:00
Tod Beardsley 60e0cfb17b Trivial description cleanup 2013-04-29 14:11:20 -05:00
sinn3r 6c76bee02f Trying to make the description sound smoother 2013-04-26 16:02:28 -05:00
jvazquez-r7 9b5e96b66f Fix @jlee-r7's feedback 2013-04-25 14:53:09 -05:00
jvazquez-r7 52b721c334 Update description 2013-04-25 14:47:35 -05:00
jvazquez-r7 84e9f80ffa Add check for WP-Super-Cache 2013-04-25 14:43:16 -05:00
jvazquez-r7 15c8d92148 Fix version checked and add reference 2013-04-25 12:48:36 -05:00
jvazquez-r7 7d317e5933 Switch from post to get on check 2013-04-25 07:51:28 -05:00
jvazquez-r7 d55faa14d3 Add check function 2013-04-25 07:44:37 -05:00
jvazquez-r7 51fd07a145 Add BID reference 2013-04-24 21:48:05 -05:00
jvazquez-r7 378c2079a2 Add hdm also as author 2013-04-24 17:37:29 -05:00
jvazquez-r7 b816dd569c Update description 2013-04-24 17:34:25 -05:00
jvazquez-r7 573e880a62 Use the correct post id when posting 2013-04-24 17:30:24 -05:00
jvazquez-r7 ded0269ba0 Add POST ID bruteforcing capabality 2013-04-24 17:21:36 -05:00
jvazquez-r7 fca4c3b8b2 Add sha1 sum check to allow execution 2013-04-24 16:10:49 -05:00
jvazquez-r7 d2e29b846c Add module for Wordpress Total Cache PHP Injection 2013-04-24 15:29:40 -05:00