Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

CVE-2014-2238 -- MantisBT aux mod

From: Brandon Perry <bperry.volatile () gmail com>
Date: Mon, 3 Mar 2014 11:39:58 -0600
Hi,

Here is an aux mod that exploits CVE-2014-2238 and reads a file off the FS.

Requires admin creds afaict.

https://gist.github.com/brandonprry/9330240

-- 
http://volatile-minds.blogspot.com -- blog
http://www.volatileminds.net -- website

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: