Lucene search
K

4 matches found

Prion
Prion
added 2013/11/02 7:55 p.m.15 views

Design/Logic Flaw

NAS4Free 9.1.0.1.804 and earlier allows remote authenticated users to execute arbitrary PHP code via a request to exec.php, aka the "Advanced | Execute Command" feature. NOTE: this issue might not be a vulnerability, since it appears to be part of legitimate, intentionally-exposed functionality b...

6CVSS7.7AI score0.12999EPSS
Exploits5References2Affected Software1
Exploit DB
Exploit DB
added 2013/10/31 12:0 a.m.37 views

NAS4Free - Remote Code Execution (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex' require 'rexml/document' class Metasploit4 'NAS4Free Arbitrary Remote Code Execution', 'Description' = %q NAS4Free allows an authenticated...

6CVSS7AI score0.12999EPSS
Exploits5
Metasploit
Metasploit
added 2013/10/30 3:25 p.m.33 views

NAS4Free Arbitrary Remote Code Execution

NAS4Free allows an authenticated user to post PHP code to a special HTTP script and have the code executed remotely. This module was successfully tested against NAS4Free version 9.1.0.1.804. Earlier builds are likely to be vulnerable as well. This module requires Metasploit:...

6CVSS0.4AI score0.12999EPSS
Exploits5
Packet Storm
Packet Storm
added 2013/10/30 12:0 a.m.35 views

NAS4Free Arbitrary Remote Code Execution

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex' require 'rexml/document' class Metasploit4 'NAS4Free Arbitrary Remote Code Execution', 'Description' = %q NAS4Free allows an authenticated...

6CVSS0.4AI score0.12999EPSS
Exploits5
Rows per page
Query Builder