This Metasploit module exploits two NoSQL injection vulnerabilities to retrieve the user list and password reset tokens from the system Next, the USER is targeted to reset their password Then, a command injection vulnerability is used to execute the payload While it is possible to upload a payload and execute it, the command injection provides a ...
CMSpit
export IP=101024011
Konstantinos Pap - Fri 06 Aug 2021 07:47:38 AM CDT
My script initialized all kinds of enumerations (gobuster, nikto and nmap)
Nmap detected 2 open ports port 22 and 80
Opening firefox on the server we get a login page No matter what we type in we always end up on the login page This means we need to authenticate or bypass the authentication s
Cockpit CMS NoSQL Injection (CVE-2020-35847, CVE-2020-35848)
Cockpit CMS before version 0112 is vulnerable to a NoSQL Injection vulnerability in the /auth/resetpassword and /auth/newpassword that allows extraction of password reset tokens which allow for user details enumeration as well as password reset
Read More - swarmptsecuritycom/rce-cockpit-cms/
This python
Vulmon