This Metasploit module exploits a command injection vulnerability on PineApp Mail-SeCure 3.70. The vulnerability exists on the ldapsyncnow.php component, due to the insecure usage of the shell_exec() php function. This Metasploit module has been tested successfully on PineApp Mail-SeCure 3.70.
PineApp Mail-SeCure Ldapsyncnow.Php Arbitrary Command Execution
- Thread starter poqun
- Start date