6 matches found
CVE-2014-5468
CVE-2014-5468 is a Railo Remote File Include vulnerability affecting Railo 4.2.1 and earlier. A specially crafted request to thumbnail.cfm can cause the server to include a malicious PNG, enabling an attacker to download arbitrary PNGs and, via directory traversal, append ColdFusion markup to the...
Railo Remote File Include (CVE-2014-5468)
This module exploits a remote file include vulnerability in Railo. A vulnerability in thumbnail.cfm allows an attacker to download an arbitrary PNG file, and by taking advantage of a directory traversal, an attacker can append cold fusion markup to the PNG file, and have it interpreted by the...
Railo Remote File Include
No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient include...
CVE-2014-5468
creationtimestamp| type| source ---|---|--- 2014-09-15 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/34669 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/railocfmlrfi.rb 2025-02-06 03:13:41+00:00| seen|...
Railo 4.2.1 - Remote File Inclusion (Metasploit)
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'Railo Remote File Include', 'Description' = ' This module exploits a remote file include vulnerability in Railo, tested against versi...
Railo 4.2.1 Remote File Inclusion
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'Railo Remote File Include', 'Description' = ' This module exploits a remote file include vulnerability in Railo, tested against versi...