automatic module_metadata_base.json update
This commit is contained in:
parent
41569b78ba
commit
95047f9fee
|
@ -84777,6 +84777,55 @@
|
|||
},
|
||||
"needs_cleanup": null
|
||||
},
|
||||
"exploit_unix/webapp/ajenti_auth_username_cmd_injection": {
|
||||
"name": "Ajenti auth username Command Injection",
|
||||
"fullname": "exploit/unix/webapp/ajenti_auth_username_cmd_injection",
|
||||
"aliases": [
|
||||
|
||||
],
|
||||
"rank": 600,
|
||||
"disclosure_date": "2019-10-14",
|
||||
"type": "exploit",
|
||||
"author": [
|
||||
"Jeremy Brown",
|
||||
"Onur ER <onur@onurer.net>"
|
||||
],
|
||||
"description": "This module exploits a command injection in Ajenti == 2.1.31.\n By injecting a command into the username POST parameter to api/core/auth, a shell can be spawned.",
|
||||
"references": [
|
||||
"EDB-47497"
|
||||
],
|
||||
"platform": "Python",
|
||||
"arch": "python",
|
||||
"rport": 8000,
|
||||
"autofilter_ports": [
|
||||
80,
|
||||
8080,
|
||||
443,
|
||||
8000,
|
||||
8888,
|
||||
8880,
|
||||
8008,
|
||||
3000,
|
||||
8443
|
||||
],
|
||||
"autofilter_services": [
|
||||
"http",
|
||||
"https"
|
||||
],
|
||||
"targets": [
|
||||
"Ajenti == 2.1.31"
|
||||
],
|
||||
"mod_time": "2019-11-20 19:09:24 +0000",
|
||||
"path": "/modules/exploits/unix/webapp/ajenti_auth_username_cmd_injection.rb",
|
||||
"is_install_path": true,
|
||||
"ref_name": "unix/webapp/ajenti_auth_username_cmd_injection",
|
||||
"check": true,
|
||||
"post_auth": false,
|
||||
"default_credential": false,
|
||||
"notes": {
|
||||
},
|
||||
"needs_cleanup": null
|
||||
},
|
||||
"exploit_unix/webapp/arkeia_upload_exec": {
|
||||
"name": "Western Digital Arkeia Remote Code Execution",
|
||||
"fullname": "exploit/unix/webapp/arkeia_upload_exec",
|
||||
|
|
Loading…
Reference in New Issue