File tree Expand file tree Collapse file tree 1 file changed +3
-3
lines changed
modules/exploits/multi/http Expand file tree Collapse file tree 1 file changed +3
-3
lines changed Original file line number Diff line number Diff line change @@ -18,9 +18,9 @@ def initialize(info={})
1818 Traq 2.0 to 2.3. It's in the admincp/common.php script.
1919
2020 This function is called in each script located in the /admicp/ directory to
21- make sure the user has admin rights, but this is a broken authorization
22- schema due to the header() function doesn't stop the execution flow.
23- This can be exploited by malicious users to execute admin functionality.
21+ make sure the user has admin rights. This is a broken authorization schema
22+ because the header() function doesn't stop the execution flow.
23+ This can be exploited by malicious users to execute admin functionality,
2424 e.g. execution of arbitrary PHP code leveraging of plugins.php functionality.
2525 } ,
2626 'License' => MSF_LICENSE ,
You can’t perform that action at this time.
0 commit comments