3 matches found
Microsoft SharePoint Unsafe Control And ViewState Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'http://microsoft.com/sharepoint/webpartpages', 'soap' = 'http://www.w3.org/2003/05/soap-envelope', 'xsi' =...
Microsoft SharePoint Unsafe Control and ViewState RCE
The EditingPageParser.VerifyControlOnSafeList method fails to properly validate user supplied data. This can be leveraged by an attacker to leak sensitive information in rendered-preview content. This module will leak the ViewState validation key and then use it to sign a crafted object that will...
Microsoft SharePoint远程代码执行漏洞(CVE-2021-31181)
CVE-2021-31181: MICROSOFT SHAREPOINT WEBPART INTERPRETATION CONFLICT REMOTE CODE EXECUTION VULNERABILITY June 02, 2021 | The ZDI Research Team In May of 2021, Microsoft released a patch to correct CVE-2021-31181 – a remote code execution bug in the supported versions of Microsoft SharePoint Serve...