This Metasploit module exploits an arbitrary file write in Lucee Administrator’s imgProcess.cfm file to execute commands as the Tomcat user.
You May Also Like
PHP 7.3.15-3 PHP_SESSION_UPLOAD_PROGRESS Session Data Injection
PHP version 7.3.15-3 suffers from a PHP_SESSION_UPLOAD_PROGRESS session data injection vulnerability.
- cybersecurityredflag_sdevzw
- July 27, 2021
Israeli surveillance firm Candiru used Windows zero-days to deploy spyware
Experts said that Israeli surveillance firm Candiru, tracked as Sourgum, exploited zero-days…
- cybersecurityredflag_sdevzw
- July 15, 2021
Supreme Court to Give the Public Access to Opinions of the Secretive Court’s Work
Civil liberties organisations have petitioned the Supreme Court to make decisions of…
- cybersecurityredflag_sdevzw
- April 20, 2021
Unified Office Total Connect Now 1.0 SQL Injection
Unified Office Total Connect Now version 1.0 suffers from a remote SQL…
- cybersecurityredflag_sdevzw
- June 17, 2021