automatic module_metadata_base.json update
This commit is contained in:
parent
a73a7531a9
commit
401cdca09b
|
@ -98243,6 +98243,68 @@
|
|||
"session_types": false,
|
||||
"needs_cleanup": null
|
||||
},
|
||||
"exploit_multi/http/cve_2023_38836_boidcms": {
|
||||
"name": "BoidCMS Command Injection",
|
||||
"fullname": "exploit/multi/http/cve_2023_38836_boidcms",
|
||||
"aliases": [
|
||||
|
||||
],
|
||||
"rank": 600,
|
||||
"disclosure_date": "2023-07-13",
|
||||
"type": "exploit",
|
||||
"author": [
|
||||
"1337kid",
|
||||
"bwatters-r7"
|
||||
],
|
||||
"description": "This module leverages CVE-2023-38836, an improper sanitization bug in BoidCMS version 2.0.0\n and below. BoidCMS allows the authenticated upload of a php file as media if the file has\n the GIF header, even if the file is a php file.",
|
||||
"references": [
|
||||
"CVE-2023-38836",
|
||||
"URL-https://github.com/1337kid/CVE-2023-38836"
|
||||
],
|
||||
"platform": "",
|
||||
"arch": "cmd",
|
||||
"rport": 80,
|
||||
"autofilter_ports": [
|
||||
80,
|
||||
8080,
|
||||
443,
|
||||
8000,
|
||||
8888,
|
||||
8880,
|
||||
8008,
|
||||
3000,
|
||||
8443
|
||||
],
|
||||
"autofilter_services": [
|
||||
"http",
|
||||
"https"
|
||||
],
|
||||
"targets": [
|
||||
"nix Command",
|
||||
"Windows Command"
|
||||
],
|
||||
"mod_time": "2024-02-29 12:42:22 +0000",
|
||||
"path": "/modules/exploits/multi/http/cve_2023_38836_boidcms.rb",
|
||||
"is_install_path": true,
|
||||
"ref_name": "multi/http/cve_2023_38836_boidcms",
|
||||
"check": true,
|
||||
"post_auth": true,
|
||||
"default_credential": false,
|
||||
"notes": {
|
||||
"Stability": [
|
||||
"crash-safe"
|
||||
],
|
||||
"Reliability": [
|
||||
"repeatable-session"
|
||||
],
|
||||
"SideEffects": [
|
||||
"ioc-in-logs",
|
||||
"artifacts-on-disk"
|
||||
]
|
||||
},
|
||||
"session_types": false,
|
||||
"needs_cleanup": true
|
||||
},
|
||||
"exploit_multi/http/dexter_casinoloader_exec": {
|
||||
"name": "Dexter (CasinoLoader) SQL Injection",
|
||||
"fullname": "exploit/multi/http/dexter_casinoloader_exec",
|
||||
|
|
Loading…
Reference in New Issue