Hastymail 2.1.1 RC1 Command Injection

newsbot

newsbot

RSS Feed
This Metasploit module exploits a command injection vulnerability found in Hastymail 2.1.1 RC1 due to the insecure usage of the call_user_func_array() function on the "lib/ajax_functions.php" script. Authentication is required on Hastymail in order to exploit the vulnerability. The module has been successfully tested on Hastymail 2.1.1 RC1 over Ubuntu 10.04.

Weiterlesen...
 

Ähnliche Themen

Webmin /file/show.cgi Remote Command Execution

XODA 0.4.5 Arbitrary PHP File Upload

ManageEngine Security Manager Plus 5.5 build 5505 SQL Injection

EGallery PHP File Upload Vulnerability

Zabbix Server Arbitrary Command Execution

Zurück
Oben