This Metasploit module exploits a vulnerability in the JCE component for Joomla!, which could allow an unauthenticated remote attacker to upload arbitrary files, caused by the fails to sufficiently sanitize user-supplied input. Sending specially-crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious PHP script, which could allow the attacker to execute arbitrary PHP code on the vulnerable system. This Metasploit module has been tested successfully on the JCE Editor 1.5.71 and Joomla 1.5.26.
d551a16563e5797049076716bcbb1d33f994204c2b5f2e12601d1eac4daa07b1This Metasploit module abuses the AverageRangeStatisticImpl from a Java Applet to run arbitrary Java code outside of the sandbox, a different exploit vector than the one exploited in the wild in November of 2012. The vulnerability affects Java version 7u7 and earlier.
d60e88d1c35ce2c590ccaca3bb69232e1fa72e0dc95b7d237cae3e89eaf0668aThis Metasploit module abuses the Method Handle class from a Java Applet to run arbitrary Java code outside of the sandbox. The vulnerability affects Java version 7u7 and earlier.
56cdda70d19b81c54b81eafca0cce9a0e594a89c837b327c0ae866038e17e745This Metasploit module abuses a command injection vulnerability in the Nagios3 history.cgi script.
2d998e6af394b654b4e6c4d7e3889f719c9559d52bd93cdc30862fc829af9295Nagios Core version 3.4.3 suffers from a stack-based buffer overflow vulnerability in the history.cgi web interface.
88ac488f066319dd1f959b62a5b728615dc7728fccc1e533414c99c5543167e4
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed