automatic module_metadata_base.json update
msjenkins-r7 committed Apr 5, 2024
1 parent 34f0afa commit e184f5e
Showing 1 changed file with 69 additions and 0 deletions.
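--- a/db/modules_metadata_base.json
+++ b/db/modules_metadata_base.json
@@ -99435,6 +99435,75 @@
 "session_types": false,
 "needs_cleanup": null
 },
+"exploit_multi/http/gibbon_auth_rce_cve_2024_24725": {
+"name": "Gibbon School Platform Authenticated PHP Deserialization Vulnerability",
+"fullname": "exploit/multi/http/gibbon_auth_rce_cve_2024_24725",
+"aliases": [
+
+],
+"rank": 600,
+"disclosure_date": "2024-03-18",
+"type": "exploit",
+"author": [
+"h00die-gr3y <[email protected]>",
+"Ali Maharramli",
+"Fikrat Guliev",
+"Islam Rzayev"
+],
+"description": "A Remote Code Execution vulnerability in Gibbon online school platform version 26.0.00 and lower\n allows remote authenticated users to conduct PHP deserialization attacks via columnOrder in a\n POST request to the endpoint `/modules/System%20Admin/import_run.php&type=externalAssessment&step=4`.\n As it allows remote code execution, adversaries could exploit this flaw to execute arbitrary commands,\n potentially resulting in complete system compromise, data exfiltration, or unauthorized access\n to sensitive information.",
+"references": [
+"CVE-2024-24725",
+"URL-https://attackerkb.com/topics/ogKGAB44BP/cve-2024-24725",
+"PACKETSTORM-177635",
+"EDB-51903"
+],
+"platform": "Linux,PHP,Unix,Windows",
+"arch": "php, cmd, x64, x86",
+"rport": 443,
+"autofilter_ports": [
+80,
+8080,
+443,
+8000,
+8888,
+8880,
+8008,
+3000,
+8443
+],
+"autofilter_services": [
+"http",
+"https"
+],
+"targets": [
+"PHP",
+"Unix Command",
+"Linux Dropper",
+"Windows Command",
+"Windows Dropper"
+],
+"mod_time": "2024-04-04 17:14:32 +0000",
+"path": "/modules/exploits/multi/http/gibbon_auth_rce_cve_2024_24725.rb",
+"is_install_path": true,
+"ref_name": "multi/http/gibbon_auth_rce_cve_2024_24725",
+"check": true,
+"post_auth": true,
+"default_credential": false,
+"notes": {
+"Stability": [
+"crash-safe"
+],
+"Reliability": [
+"repeatable-session"
+],
+"SideEffects": [
+"ioc-in-logs",
+"artifacts-on-disk"
+]
+},
+"session_types": false,
+"needs_cleanup": true
+},
 "exploit_multi/http/git_client_command_exec": {
 "name": "Malicious Git and Mercurial HTTP Server For CVE-2014-9390",
 "fullname": "exploit/multi/http/git_client_command_exec",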
