Full title: PineApp Mail-SeCure ldapsyncnow.php Arbitrary Command Execution 
Category: remote exploits
Platform: windows
This Metasploit module exploits a command injection vulnerability on PineApp Mail-SeCure 3.70. The vulnerability exists on the ldapsyncnow.php component, due to the insecure usage of the shell_exec() php function. This Metasploit module has been tested successfully on PineApp Mail-SeCure 3.70.

# 0day.today @ http://0day.today/