This Metasploit module abuses the “RunScript” procedure provided by the SOAP interface of Adobe InDesign Server, to execute arbitrary vbscript (Windows) or applescript(OSX). The exploit drops the payload on the server and must be removed manually.
>> CATEGORY: exploit
Kordil EDMS v2.2.60rc3 SQL Injection Vulnerability
Oracle MySQL for Microsoft Windows MOF Execution
Adobe IndesignServer 5.5 SOAP Server Arbitrary Script Execution
NVIDIA Install Application 2.1002.85.551 (NVI2.dll) Unicode Buffer Overflow PoC
Tectia SSH USERAUTH Change Request Password Reset Vulnerability
Ektron 8.02 XSLT Transform Remote Code Execution
FirePass SSL VPN Unauthenticated Local File Inclusion
Symantec Messaging Gateway 9.5.3-3 Arbitrary File Download
Symantec Messaging Gateway 9.5.3-3 CSRF Vulnerability