Traq admincp/common.php Remote Code Execution
Rocco Calvi
- Affected Vendor: Traq
- Affected Product: Traq
- Exploit Type: Metasploit Module
- Metasploit Module: exploit/multi/http/traq_plugin_exec
Description
This module exploits an arbitrary command execution vulnerability in Traq 2.0 to 2.3. The vulnerability exists in the admincp/common.php script where the header() function fails to halt execution flow, allowing malicious users to bypass authentication and leverage plugin functionality for arbitrary PHP code execution.
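A code-review check for the flaw class described above, added here as an example; it is not code from Traq or from the Metasploit module. It assumes the header() call in question is a Location redirect, which the description does not state, and the PHP samples and names inside them are constructed.

```python
import re

# Constructed PHP samples (not Traq's source): the same admin guard without
# and with a halt after the redirect. All names in them are hypothetical.
VULNERABLE_PHP = '''<?php
if (!$user->is_admin) {
    header("Location: login.php");
}
include "plugins.php"; // still reached by an unauthenticated request
'''

HARDENED_PHP = '''<?php
if (!$user->is_admin) {
    header("Location: login.php"); // bounce to the login page
    exit;
}
include "plugins.php";
'''

# A header() call whose first argument starts with "Location:".
REDIRECT = re.compile(r'\bheader\s*\(\s*["\']\s*Location\s*:.*?\)\s*;', re.I | re.S)
# Whitespace and PHP comments, then exit or die, directly after the call.
HALT = re.compile(r'(?:\s|//[^\n]*|#[^\n]*|/\*.*?\*/)*(?:exit|die)\b', re.I | re.S)


def find_unhalted_redirects(php_source):
    """Return 1-based line numbers of Location redirects with no exit/die
    as the next statement. header() only queues a response header, so the
    code after such a call still executes."""
    findings = []
    for m in REDIRECT.finditer(php_source):
        if not HALT.match(php_source, m.end()):
            findings.append(php_source.count("\n", 0, m.start()) + 1)
    return findings


if __name__ == "__main__":
    for name, src in (("vulnerable", VULNERABLE_PHP), ("hardened", HARDENED_PHP)):
        print(name, find_unhalted_redirects(src))
```

The check is a heuristic: it treats a halt that sits after the closing brace or inside a wrapper function as missing, so each finding needs a manual look.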