Method: Wpxf::Auxiliary::GalleryAlbumHashDump#initialize
- Defined in:
- lib/wpxf/modules/auxiliary/hash_dump/gallery_album_hash_dump.rb
#initialize ⇒ GalleryAlbumHashDump
Returns a new instance of GalleryAlbumHashDump.
# File 'lib/wpxf/modules/auxiliary/hash_dump/gallery_album_hash_dump.rb', line 6

def initialize
  super

  update_info(
    name: 'Responsive Image Gallery, Gallery Album <= 1.2.0 Authenticated Hash Dump',
    desc: %(
      Responsive Image Gallery, Gallery Album <= 1.2.0 contains an SQL injection vulnerability
      which can be leveraged by all registered users with the permission to manage the plugin
      settings. This module utilises this vulnerability to dump the hashed passwords of all
      users in the database.
    ),
    author: [
      'Manuel Garcia Cardenas', # Disclosure
      'rastating'               # WPXF module
    ],
    references: [
      ['WPVDB', '8907'],
      ['CVE', '2017-14125'],
      ['URL', 'http://seclists.org/fulldisclosure/2017/Sep/55']
    ],
    date: 'Sep 22 2017'
  )
end