Nmap Development mailing list archives
Re: http-coldfusion-subzero - Extracts the credentials file through a 0day LFI vulnerability in Coldfusion 9/10
From: Paulino Calderon Pale <paulino () calderonpale com>
Date: Fri, 10 May 2013 01:02:55 -0500
On Tue, May 07, 2013 at 04:38:02PM -0500, Paulino Calderon Pale wrote:
description = [[ Attempts to retrieve the version, installation path and password.properties file in vulnerable ColdFusion 9/10 installations. This is based on the exploit 'ColdSub-Zero.pyFusion v2'. ]]
Adds some nil checks.
Attachment:
http-coldfusion-subzero.nse
Description:
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- http-coldfusion-subzero - Extracts the credentials file through a 0day LFI vulnerability in Coldfusion 9/10 Paulino Calderon Pale (May 07)
- Message not available
- Message not available
- Message not available
- Re: http-coldfusion-subzero - Extracts the credentials file through a 0day LFI vulnerability in Coldfusion 9/10 Paulino Calderon Pale (May 09)
- Message not available
- Message not available
- Message not available
- Message not available
- Message not available
- Re: http-coldfusion-subzero - Extracts the credentials file through a 0day LFI vulnerability in Coldfusion 9/10 Paulino Calderon Pale (May 09)
- Message not available