automatic module_metadata_base.json update

rapid7 · Dec 11, 2024 · e7b04ab · e7b04ab
1 parent 136599a
commit e7b04ab
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/db/modules_metadata_base.json b/db/modules_metadata_base.json
@@ -81376,6 +81376,7 @@
     ],
     "description": "This module exploits an improper authorization vulnerability in ProjectSend versions r1295 through r1605.\n          The vulnerability allows an unauthenticated attacker to obtain remote code execution by enabling user registration,\n          disabling the whitelist of allowed file extensions, and uploading a malicious PHP file to the server.",
     "references": [
+      "CVE-2024-11680",
       "URL-https://github.com/projectsend/projectsend/commit/193367d937b1a59ed5b68dd4e60bd53317473744",
       "URL-https://www.synacktiv.com/sites/default/files/2024-07/synacktiv-projectsend-multiple-vulnerabilities.pdf",
       "CVE-2024-11680"
@@ -81401,7 +81402,7 @@
     "targets": [
       "PHP Command"
     ],
-    "mod_time": "2024-12-07 14:23:30 +0000",
+    "mod_time": "2024-12-11 13:54:06 +0000",
     "path": "/modules/exploits/linux/http/projectsend_unauth_rce.rb",
     "is_install_path": true,
     "ref_name": "linux/http/projectsend_unauth_rce",