Sign upLogin

rapid7/metasploit-framework

View on GitHub
Star
modules/exploits/multi/http/cve_2023_38836_boidcms.rb

Summary

Maintainability
B
4 hrs
Test Coverage

Method initialize has 61 lines of code (exceeds 25 allowed). Consider refactoring.
Open

  def initialize(info = {})
    super(
      update_info(
        info,
        'Name' => 'BoidCMS Command Injection',
Severity: Major
Found in modules/exploits/multi/http/cve_2023_38836_boidcms.rb - About 2 hrs to fix

    Method cms_login? has 29 lines of code (exceeds 25 allowed). Consider refactoring.
    Open

      def cms_login?(login_token)
    vprint_status('Logging into CMS')
    cms_password = datastore['CMS_PASSWORD']
    cms_username = datastore['CMS_USERNAME']
    vars_form_data =
    Severity: Minor
    Found in modules/exploits/multi/http/cve_2023_38836_boidcms.rb - About 1 hr to fix

      Method upload_php? has 27 lines of code (exceeds 25 allowed). Consider refactoring.
      Open

        def upload_php?(login_token, shell_filename)
    vprint_status("Uploading PHP file #{shell_filename}")
    vars_form_data =
      [
        {
      Severity: Minor
      Found in modules/exploits/multi/http/cve_2023_38836_boidcms.rb - About 1 hr to fix

        There are no issues that match your filters.

        Category
        Status