5 matches found
Rocket Servergraph Admin Center fileRequestor Directory Traversal - Ver2 (CVE-2014-3914)
A code execution vulnerability exists in Rocket Servergraph Admin Center. The vulnerability occurs when making an HTTP POST request to the URI /SGPAdmin/fileRequest with the parameters cmd=writeDataFile, cmd=run, cmd=runClear or cmd=del, which can be present in the Body of the request. A remote...
CVE-2014-3914
CVE-2014-3914 affects Rocket Servergraph 1.2 Admin Center, with directory traversal in the fileRequestor servlet (and related fileRequestServlet/userRequest servlet) allowing actions such as writeDataFile, run, runClear, readDataFile, del, and save_server_groups to be abused via crafted query/bod...
Rocket Servergraph Admin Center fileRequestor Directory Traversal (CVE-2014-3914)
A code execution vulnerability exists in Rocket Servergraph Admin Center. The vulnerability occurs when making an HTTP POST request to the URI /SGPAdmin/fileRequest with the parameters cmd=writeDataFile, cmd=run, cmd=runClear or cmd=del, which can be present in the Body of the request. A remote...
Rocket Servergraph Admin Center fileRequestor Remote Code Execution
Exploit for multiple platform in category remote exploits This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Rocket Servergraph Admin Center fileRequestor Remote Code Execution',...
Rocket Servergraph Admin Center - fileRequestor Remote Code Execution (Metasploit)
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Rocket Servergraph Admin Center fileRequestor Remote Code Execution', 'Description' = %q This module abuses several directory travers...