This Metasploit module exploits an XML-RPC API OS command injection vulnerability in Movable Type 7 version r.5002.
>> AUTHOR: deepcore
WebCTRL OEM version 6.5 suffers from a cross site scripting vulnerability.
WebCTRL OEM version 6.5 suffers from a cross site scripting vulnerability.
Trojan.Win32.Akl.bc malware suffers from an insecure permissions vulnerability.
Backdoor.Win32.Delf.arjo malware suffers from an unquoted service path vulnerability.
Backdoor.Win32.Hupigon.acio malware suffers from an unquoted service path vulnerability.
WordPress Supsystic Contact Form plugin version 1.7.18 suffers from a persistent cross site scripting vulnerability.
Backdoor.Win32.Hupigon.acio malware suffers from an unauthenticated open proxy vulnerability.
Backdoor.Win32.Hupigon.afjk malware suffers from a directory traversal vulnerability.