File tree Expand file tree Collapse file tree 2 files changed +10
-10
lines changed
Expand file tree Collapse file tree 2 files changed +10
-10
lines changed Original file line number Diff line number Diff line change @@ -14,14 +14,13 @@ def initialize(info = {})
1414 super ( update_info (
1515 info ,
1616 'Name' => 'WordPress Ultimate CSV Importer User Table Extract' ,
17- 'Description' => %q{Due to lack of verification of a visitor's
18- permissions, it is possible to execute the
19- 'export.php' script included in the default
20- installation of this plugin, and retrieve the full
21- contents of the user table in the WordPress
22- installation. This results in full disclosure of
23- usernames, hashed passwords and email addresses
24- for all users.} ,
17+ 'Description' => %q{
18+ Due to lack of verification of a visitor's permissions, it is possible
19+ to execute the 'export.php' script included in the default installation of the
20+ Ultimate CSV Importer plugin and retrieve the full contents of the user table
21+ in the WordPress installation. This results in full disclosure of usernames,
22+ hashed passwords and email addresses for all users.
23+ } ,
2524 'License' => MSF_LICENSE ,
2625 'Author' =>
2726 [
Original file line number Diff line number Diff line change @@ -17,8 +17,9 @@ def initialize(info = {})
1717 'Description' => %q{
1818 This module exploits a command injection vulnerability on HP Client Automation, distributed
1919 actually as Persistent Systems Client Automation. The vulnerability exists in the Notify
20- Daemon (radexecd.exe), which doesn't authenticate execution requests by default neither.
21- This module has been tested successfully on HP Client Automation 9.00 over Windows 2003 SP2
20+ Daemon (radexecd.exe), which doesn't authenticate execution requests by default.
21+
22+ This module has been tested successfully on HP Client Automation 9.00 on Windows 2003 SP2
2223 and CentOS 5.
2324 } ,
2425 'Author' =>
You can’t perform that action at this time.
0 commit comments