Skip to content

Commit ebe6f89

Browse files
msjenkins-r7msjenkins-r7
committed
automatic module_metadata_base.json update
1 parent f102028 commit ebe6f89

File tree

1 file changed

+28
-12
lines changed

1 file changed

+28
-12
lines changed

db/modules_metadata_base.json

Lines changed: 28 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -4468,8 +4468,7 @@
44684468
],
44694469
"description": "This module exploits an unauthenticated arbitrary wordpress options change vulnerability\n in the Automatic (wp-automatic) plugin <= 3.53.2. If WPEMAIL is provided, the administrator's email\n address will be changed. User registration is\n enabled, and default user role is set to administrator. A user is then created with\n the USER name set. A valid EMAIL is required to get the registration email (not handled in MSF).",
44704470
"references": [
4471-
"URL-https://blog.nintechnet.com/critical-vulnerability-fixed-in-wordpress-automatic-plugin/",
4472-
"NOCVE-Patched in 3.53.3 without vendor disclosure"
4471+
"URL-https://blog.nintechnet.com/critical-vulnerability-fixed-in-wordpress-automatic-plugin/"
44734472
],
44744473
"platform": "PHP",
44754474
"arch": "php",
@@ -4490,7 +4489,7 @@
44904489
"https"
44914490
],
44924491
"targets": null,
4493-
"mod_time": "2021-11-04 15:28:05 +0000",
4492+
"mod_time": "2022-06-10 14:01:57 +0000",
44944493
"path": "/modules/auxiliary/admin/http/wp_automatic_plugin_privesc.rb",
44954494
"is_install_path": true,
44964495
"ref_name": "admin/http/wp_automatic_plugin_privesc",
@@ -4507,6 +4506,9 @@
45074506
"SideEffects": [
45084507
"config-changes",
45094508
"ioc-in-logs"
4509+
],
4510+
"NOCVE": [
4511+
"Patched in 3.53.3 without vendor disclosure"
45104512
]
45114513
},
45124514
"session_types": false,
@@ -4649,14 +4651,20 @@
46494651
"https"
46504652
],
46514653
"targets": null,
4652-
"mod_time": "2020-10-02 17:38:06 +0000",
4654+
"mod_time": "2022-06-10 14:01:57 +0000",
46534655
"path": "/modules/auxiliary/admin/http/wp_gdpr_compliance_privesc.rb",
46544656
"is_install_path": true,
46554657
"ref_name": "admin/http/wp_gdpr_compliance_privesc",
46564658
"check": true,
46574659
"post_auth": true,
46584660
"default_credential": false,
46594661
"notes": {
4662+
"Stability": [
4663+
4664+
],
4665+
"Reliability": [
4666+
4667+
],
46604668
"SideEffects": [
46614669
"config-changes"
46624670
]
@@ -73032,17 +73040,23 @@
7303273040
"targets": [
7303373041
"Cisco RV340 Firmware Version <= 1.0.03.24"
7303473042
],
73035-
"mod_time": "2022-05-11 18:30:11 +0000",
73043+
"mod_time": "2022-06-10 14:01:57 +0000",
7303673044
"path": "/modules/exploits/linux/misc/cisco_rv340_sslvpn.rb",
7303773045
"is_install_path": true,
7303873046
"ref_name": "linux/misc/cisco_rv340_sslvpn",
7303973047
"check": true,
7304073048
"post_auth": false,
7304173049
"default_credential": false,
7304273050
"notes": {
73043-
"Stability": "crash-service-restarts",
73044-
"Reliability": "repeatable-session",
73045-
"SideEffects": null
73051+
"Stability": [
73052+
"crash-service-restarts"
73053+
],
73054+
"Reliability": [
73055+
"repeatable-session"
73056+
],
73057+
"SideEffects": [
73058+
73059+
]
7304673060
},
7304773061
"session_types": false,
7304873062
"needs_cleanup": null
@@ -103548,15 +103562,17 @@
103548103562
"Linux (x64)",
103549103563
"Linux (cmd)"
103550103564
],
103551-
"mod_time": "2021-08-27 17:15:33 +0000",
103565+
"mod_time": "2022-06-10 14:01:57 +0000",
103552103566
"path": "/modules/exploits/unix/webapp/bolt_authenticated_rce.rb",
103553103567
"is_install_path": true,
103554103568
"ref_name": "unix/webapp/bolt_authenticated_rce",
103555103569
"check": true,
103556103570
"post_auth": true,
103557103571
"default_credential": false,
103558103572
"notes": {
103559-
"NOCVE": "0day",
103573+
"NOCVE": [
103574+
"0day"
103575+
],
103560103576
"Stability": [
103561103577
"service-resource-loss"
103562103578
],
@@ -117961,7 +117977,7 @@
117961117977
"description": "This module exploits a vulnerability in the update functionality of\n Malwarebytes Anti-Malware consumer before 2.0.3 and Malwarebytes\n Anti-Exploit consumer 1.03.1.1220.\n Due to the lack of proper update package validation, a man-in-the-middle\n (MITM) attacker could execute arbitrary code by spoofing the update server\n data-cdn.mbamupdates.com and uploading an executable. This module has\n been tested successfully with MBAM 2.0.2.1012 and MBAE 1.03.1.1220.",
117962117978
"references": [
117963117979
"CVE-2014-4936",
117964-
" OSVDB-116050",
117980+
"OSVDB-116050",
117965117981
"URL-http://blog.0x3a.com/post/104954032239/cve-2014-4936-malwarebytes-anti-malware-and"
117966117982
],
117967117983
"platform": "Windows",
@@ -117976,7 +117992,7 @@
117976117992
"targets": [
117977117993
"Windows Universal"
117978117994
],
117979-
"mod_time": "2021-02-17 12:33:59 +0000",
117995+
"mod_time": "2022-06-10 08:47:41 +0000",
117980117996
"path": "/modules/exploits/windows/browser/malwarebytes_update_exec.rb",
117981117997
"is_install_path": true,
117982117998
"ref_name": "windows/browser/malwarebytes_update_exec",

0 commit comments

Comments
 (0)