|
2233 | 2233 |
|
2234 | 2234 | ]
|
2235 | 2235 | },
|
| 2236 | + "auxiliary_admin/http/fortra_filecatalyst_workflow_sqli": { |
| 2237 | + "name": "Fortra FileCatalyst Workflow SQL Injection (CVE-2024-5276)", |
| 2238 | + "fullname": "auxiliary/admin/http/fortra_filecatalyst_workflow_sqli", |
| 2239 | + "aliases": [ |
| 2240 | + |
| 2241 | + ], |
| 2242 | + "rank": 300, |
| 2243 | + "disclosure_date": "2024-06-25", |
| 2244 | + "type": "auxiliary", |
| 2245 | + "author": [ |
| 2246 | + "Tenable", |
| 2247 | + "Michael Heinzl" |
| 2248 | + ], |
| 2249 | + "description": "This module exploits a SQL injection vulnerability in Fortra FileCatalyst Workflow <= v5.1.6 Build 135, by adding a new\n administrative user to the web interface of the application.", |
| 2250 | + "references": [ |
| 2251 | + "CVE-2024-5276", |
| 2252 | + "URL-https://www.tenable.com/security/research/tra-2024-25", |
| 2253 | + "URL-https://support.fortra.com/filecatalyst/kb-articles/advisory-6-24-2024-filecatalyst-workflow-sql-injection-vulnerability-YmYwYWY4OTYtNTUzMi1lZjExLTg0MGEtNjA0NWJkMDg3MDA0" |
| 2254 | + ], |
| 2255 | + "platform": "", |
| 2256 | + "arch": "", |
| 2257 | + "rport": 8080, |
| 2258 | + "autofilter_ports": [ |
| 2259 | + 80, |
| 2260 | + 8080, |
| 2261 | + 443, |
| 2262 | + 8000, |
| 2263 | + 8888, |
| 2264 | + 8880, |
| 2265 | + 8008, |
| 2266 | + 3000, |
| 2267 | + 8443 |
| 2268 | + ], |
| 2269 | + "autofilter_services": [ |
| 2270 | + "http", |
| 2271 | + "https" |
| 2272 | + ], |
| 2273 | + "targets": null, |
| 2274 | + "mod_time": "2024-08-16 14:12:41 +0000", |
| 2275 | + "path": "/modules/auxiliary/admin/http/fortra_filecatalyst_workflow_sqli.rb", |
| 2276 | + "is_install_path": true, |
| 2277 | + "ref_name": "admin/http/fortra_filecatalyst_workflow_sqli", |
| 2278 | + "check": false, |
| 2279 | + "post_auth": true, |
| 2280 | + "default_credential": false, |
| 2281 | + "notes": { |
| 2282 | + "Stability": [ |
| 2283 | + "crash-safe" |
| 2284 | + ], |
| 2285 | + "Reliability": [ |
| 2286 | + "repeatable-session" |
| 2287 | + ], |
| 2288 | + "SideEffects": [ |
| 2289 | + "ioc-in-logs", |
| 2290 | + "config-changes" |
| 2291 | + ] |
| 2292 | + }, |
| 2293 | + "session_types": false, |
| 2294 | + "needs_cleanup": false, |
| 2295 | + "actions": [ |
| 2296 | + |
| 2297 | + ] |
| 2298 | + }, |
2236 | 2299 | "auxiliary_admin/http/gitlab_password_reset_account_takeover": {
|
2237 | 2300 | "name": "GitLab Password Reset Account Takeover",
|
2238 | 2301 | "fullname": "auxiliary/admin/http/gitlab_password_reset_account_takeover",
|
|