This Metasploit module exploits an arbitrary code execution flaw discovered in many implementations of the PHP XML-RPC module. This flaw is exploitable through a number of PHP web applications, including but not limited to Drupal, WordPress, PostNuke, and TikiWiki.
74661987981d6b9dcef06ec55c6a9cc16d40945f635c122f6a84bdf7a7d57158
HP Security Bulletin - A potential security vulnerability has been identified in the Secure Web Server for Tru64 UNIX (powered by Apache) 6.4.1 and earlier when running PHP/XMLRPC. The vulnerability could be exploited by a remote unauthorized user to execute arbitrary code.
afa77588576431352f8061a012a379bf68e3f8016765afad4d2ce302559a6168
Gentoo Linux Security Advisory GLSA 200507-15 - James Bercegay has discovered that the XML-RPC implementation in PHP fails to sanitize input passed in an XML document, which is used in an eval() statement. Versions less than 4.4.0 are affected.
957d243d316ce15bb092f0b014f3dff4abe6629942d9dd158e3b4af0205a4fa7
Debian Security Advisory DSA 746-1 - A vulnerability has been identified in the xmlrpc library included with phpgroupware, a web-based application including email, calendar and other groupware functionality. This vulnerability could lead to the execution of arbitrary commands on the server running phpgroupware.
463042360637941b8f9b9cfb05ee3ecc82f5ecdf9094179130ce122871544166
Gentoo Linux Security Advisory GLSA 200507-08 - The XML-RPC implementations of phpGroupWare and eGroupWare fail to sanitize input sent to the XML-RPC server using the POST method. Versions less than 0.9.16.006 are affected.
e6e4508d4d34b0338c98cad75efb14c9a7bbb24a8a963d701d075ce1f286752c
Debian Security Advisory DSA 747-1 - A vulnerability has been identified in the xmlrpc library included in the egroupware package. This vulnerability could lead to the execution of arbitrary commands on the server running egroupware.
b0b86440bb0360bbefc86c2863a7889904933148f078a1f19d96c3fcd6b2f2ad
Gentoo Linux Security Advisory GLSA 200507-07 - phpWebSite fails to sanitize input sent to the XML-RPC server using the POST method. Other unspecified vulnerabilities have been discovered by Diabolic Crab of Hackers Center. Versions less than 0.10.1-r1 are affected.
137a749249ea84faa10e7656703df394ec1711a7ad5160e8ffb8a677672f639a
Gentoo Linux Security Advisory GLSA 200507-06 - TikiWiki is vulnerable to arbitrary command execution as described in GLSA 200507-01. Versions less than 1.8.5-r1 are affected.
7a3224fc388615854b469f89647198e48bf895aba6282499573f5c86dea45927
Gentoo Linux Security Advisory GLSA 200507-02 - James Bercegay of the GulfTech Security Research Team discovered that WordPress insufficiently checks data passed to the XML-RPC server. He also discovered that WordPress has several cross-site scripting and full path disclosure vulnerabilities. Versions less than 1.5.1.3 are affected.
8ef3cc7830aa91d24d15b2d98e64f7bac2893ffe531033defa532c1d06a66f2a
Gentoo Linux Security Advisory GLSA 200507-01 - James Bercegay of GulfTech Security Research discovered that the PEAR XML-RPC and phpxmlrpc libraries fail to sanitize input sent using the POST method. Versions less than 1.3.1 are affected.
1ccfd7f91652298e66cd06e890e188a97d9b460fd9f05dfd6e4e738dc832354c
Serendipity version 0.8.2 and below suffer from a remote command execution flaw.
2a4ee8e7ada42a56b8aed38fe317912c764aad12ca30260dd372fba5c27cd442