Skip to content

Commit 7ca82b4

Browse files
author
jenkins-metasploit
committed
automatic module_metadata_base.json update
1 parent 8251d89 commit 7ca82b4

File tree

1 file changed

+60
-0
lines changed

1 file changed

+60
-0
lines changed

db/modules_metadata_base.json

Lines changed: 60 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -81949,6 +81949,66 @@
8194981949
"session_types": false,
8195081950
"needs_cleanup": null
8195181951
},
81952+
"exploit_linux/http/pivotx_index_php_overwrite": {
81953+
"name": "PivotX Remote Code Execution",
81954+
"fullname": "exploit/linux/http/pivotx_index_php_overwrite",
81955+
"aliases": [],
81956+
"rank": 600,
81957+
"disclosure_date": "2025-07-10",
81958+
"type": "exploit",
81959+
"author": [
81960+
"HayToN",
81961+
"msutovsky-r7"
81962+
],
81963+
"description": "This module gains remote code execution in PivotX management system. The PivotX allows admin user to directly edit files on the webserver, including PHP files. The module exploits this by writing a malicious payload into `index.php` file, gaining remote code execution.",
81964+
"references": [
81965+
"EDB-52361",
81966+
"URL-https://medium.com/@hayton1088/cve-2025-52367-stored-xss-to-rce-via-privilege-escalation-in-pivotx-cms-v3-0-0-rc-3-a1b870bcb7b3",
81967+
"CVE-2025-52367"
81968+
],
81969+
"platform": "",
81970+
"arch": "",
81971+
"rport": 80,
81972+
"autofilter_ports": [
81973+
80,
81974+
8080,
81975+
443,
81976+
8000,
81977+
8888,
81978+
8880,
81979+
8008,
81980+
3000,
81981+
8443
81982+
],
81983+
"autofilter_services": [
81984+
"http",
81985+
"https"
81986+
],
81987+
"targets": [
81988+
"Linux"
81989+
],
81990+
"mod_time": "2025-08-12 10:42:46 +0000",
81991+
"path": "/modules/exploits/linux/http/pivotx_index_php_overwrite.rb",
81992+
"is_install_path": true,
81993+
"ref_name": "linux/http/pivotx_index_php_overwrite",
81994+
"check": true,
81995+
"post_auth": true,
81996+
"default_credential": false,
81997+
"notes": {
81998+
"Stability": [
81999+
"crash-safe"
82000+
],
82001+
"Reliability": [
82002+
"repeatable-session"
82003+
],
82004+
"SideEffects": [
82005+
"artifacts-on-disk",
82006+
"ioc-in-logs"
82007+
]
82008+
},
82009+
"session_types": false,
82010+
"needs_cleanup": null
82011+
},
8195282012
"exploit_linux/http/progress_flowmon_unauth_cmd_injection": {
8195382013
"name": "Flowmon Unauthenticated Command Injection",
8195482014
"fullname": "exploit/linux/http/progress_flowmon_unauth_cmd_injection",

0 commit comments

Comments
 (0)