0day.today - Dunyanin En Buyuk Exploit Veritabani

Dilinizi secin:

Bu konuda bilmeniz gerekenler:

Biz sadece bir adet ana domain kullaniyoruz DOMAIN_LINK

Eger exploit satin alacaksaniz ve ya hizmet icin odeme yapacaksaniz, altin almaniz gerekmekte.

We accept currencies: [contact admin to find more]

Biz sitemizi hack amacli kullanmak istemiyoruz, yani her turlu dogru olmayan, kanunsuz ve illegal yapilan eylemler diger hesaplari olumsuz yonde etkileyebilir ve sonrasinda buna yol acan/lar, web sitelerimize ve verilere erisimi tamamen kesilir, banlanir ve hesabini tarafimizca yok edilir.

Sadece bu sitenin yonetimine itibar edin. Sahtelere Dikkat!

We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!

Zaten 0day.today'a kayitli bir kullaniciyim. Bu ekrani bir daha gormek istemiyorum.

Ilk ne yapmali?

Oku [ anlasma ]
Oku [ Gonder ] kurallar
Ziyaret et [ SSS ] page
[ Uye Ol ] profil
[ FIYAT ]
Eger istiyorsaniz [ satmak ]
Eger istiyorsaniz [ almak ]
Eger kaybederseniz [ Hesap ]
Herhangi bir sorunuz [ [email protected] ]

Ana linkler

Bize ulasabilirsiniz

Mail:

[email protected]

Facebook:

Inj3ct0rs

Twitter:

Inj3ct0r

Telegram:

We DO NOT use Telegram or any messengers / social networks!

[ authorization ] [ registration ] [ Yenileme ]

Bize ulasabilirsiniz:

Mail:

[email protected]

Facebook:

Inj3ct0rs

Twitter:

Inj3ct0r

Telegram:

We DO NOT use Telegram or any messengers / social networks!

Mida Solutions eFramework ajaxreq.php Command Injection Exploit

[ 0Day-ID-34943 ]

Full Baslik

Mida Solutions eFramework ajaxreq.php Command Injection Exploit [ Highlight ]

Highlight - is paid service, that can help to get more visitors to your material.

Price:

Eklenme Tarihi

16-09-2020

Kategori

remote exploits

Platform

php

Dogrulanma

Fiyat

Ucretsiz

Risk

[

Security Risk Critical

]

Rel. releases

Tanim

This Metasploit module exploits a command injection vulnerability in Mida Solutions eFramework version 2.9.0 and prior. The ajaxreq.php file allows unauthenticated users to inject arbitrary commands in the PARAM parameter to be executed as the apache user. The sudo configuration permits the apache user to execute any command as root without providing a password, resulting in privileged command execution as root. This module has been successfully tested on Mida Solutions eFramework-C7-2.9.0 virtual appliance.

CVE

CVE-2020-15920

Other Information

Abuses

Yorumlar

Goruntulemeler

10 687

We DO NOT use Telegram or any messengers / social networks! Please, beware of scammers!

Ucretsiz

Open Exploit
You can open this source code for free

Open Exploit

Open Exploit
You can open this source code for free

Verified by

Verified by
This material is checked by Administration and absolutely workable.

Yazar

metasploit

Exploit

1626

Okuyucular

[ Yorumlar: 0 ]

Users are forbidden to exchange personal contact details
Haggle on other sites\projects is forbidden
Reselling is forbidden

Punishment: permanent block of user account with all Gold.

Yorum yazabilmek icin giris yapin ve ya uye olun

We DO NOT use Telegram or any messengers / social networks!

Please, beware of scammers!

Mida Solutions eFramework ajaxreq.php Command Injection Exploit

Report Error

Report Error