6 matches found
Apache .htaccess Persistence
This module writes a persistence payload into an Apache .htaccess file using modcgi. The .htaccess file itself acts as a CGI shell, executing commands passed via the query string. Inspired by the htshells project by wireghoul. Module Options msf use exploit/linux/persistence/apachehtaccess msf...
EUVD-2026-19771
ChurchCRM is an open-source church management system. Prior to 6.5.3, a path traversal vulnerability in ChurchCRM's backup restore functionality allows authenticated administrators to upload arbitrary files and achieve remote code execution by overwriting Apache .htaccess configuration files. The...
PT-2026-30940
ChurchCRM is an open-source church management system. Prior to 6.5.3, a path traversal vulnerability in ChurchCRM's backup restore functionality allows authenticated administrators to upload arbitrary files and achieve remote code execution by overwriting Apache .htaccess configuration files. The...
Reading Apache htaccess Files (win)
Reading Apache htaccess Files This script get the AuthUserFile configuration of an list of Apache htaccess files. OpenVAS Vulnerability Test $Id: GSHBReadApachehtaccessfiles.nasl 7293 2017-09-27 08:49:48Z cfischer $ Reading Apache htaccess Files win Authors: Thomas Rotter Copyright: Copyright c...
apr-util heap buffer underwrite
The aprstrmatchprecompile function in strmatch/aprstrmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service daemon crash via crafted input involving 1 a .htaccess file used with the Apache HTTP Server, 2 the SVNMasterURI directive in the moddavsvn module in t...
Privelege escalation via Apache .htaccess buffer overflow
Oversized line in .htaccess causes buffer overflow...