File tree Expand file tree Collapse file tree 1 file changed +5
-5
lines changed
modules/exploits/linux/http Expand file tree Collapse file tree 1 file changed +5
-5
lines changed Original file line number Diff line number Diff line change @@ -15,11 +15,11 @@ def initialize(info = {})
1515 'Name' => 'Centreon SQL and Command Injection' ,
1616 'Description' => %q{
1717 This module exploits several vulnerabilities on Centreon 2.5.1 and prior and Centreon
18- Enterprise Server 2.2 and prior. The combination of both vulnerabilities, in the
19- displayServiceStatus.php component, allows remote unauthenticated execution of arbitrary
20- commands. The module only requires a session available in the application at the moment
21- of exploitation. It means a legit ust must be logged in. This module has been tested
22- successfully on Centreon Enterprise Server 2.2.
18+ Enterprise Server 2.2 and prior. The combination of both vulnerabilities, SQL and
19+ Command injections in the displayServiceStatus.php component, allows remote attackers
20+ to execute arbitrary commands. No authentication is required. The module only requires
21+ a valid session available at the moment of exploitation. It means a legit ust must be
22+ logged in. This module has been tested successfully on Centreon Enterprise Server 2.2.
2323 } ,
2424 'License' => MSF_LICENSE ,
2525 'Author' =>
You can’t perform that action at this time.
0 commit comments