6 matches found
CVE-2013-3629
ISPConfig 3.0.5.2 has Arbitrary PHP Code Execution...
CVE-2013-3629
ISPConfig 3.0.5.2 has Arbitrary PHP Code Execution...
CVE-2013-3629
CVE-2013-3629 affects ISPConfig 3.0.5.2. The Red Hat/NVD/CVE records and related sources describe an Arbitrary PHP Code Execution vulnerability. The root cause is a flaw in ISPConfig’s content/language handling that allows an authenticated user to cause arbitrary PHP code execution on the server ...
ISPConfig Authenticated Arbitrary PHP Code Execution Vulnerability
ISPConfig allows an authenticated administrator to export language settings into a PHP script which is intended to be reuploaded later to restore language settings. This feature can be abused to run arbitrary PHP code remotely on the ISPConfig server. This Metasploit module was tested against...
CVE-2013-3629
creationtimestamp| type| source ---|---|--- 2013-10-31 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/29322 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/ispconfigphpexec.rb 2025-02-06 03:13:41+00:00| seen|...
ISPConfig Authenticated Arbitrary PHP Code Execution
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'ISPConfig Authenticated Arbitrary PHP Code Execution', 'Description' = %q ISPConfig allows an authenticated administrator to export...