rpgmaster280
rpgmaster280
The conditional statement starting on line 97 is the root source of the issue. It's possible for both conditions (lines 97 and 99) to evaluate to false. There's a third...
Researching the issue further, this issue appears to have already been identified as the TOCTOU Remote Password Reset vulnerability. Metasploit module exploit/linux/http/atutor_filemanager_traversal exploits it. Not sure why, but no CVE...
Issue was designated as CVE-2021-43498 by MITRE.
Some other proposed changes that might be added later: - Ability to filter classes and methods based on search term. - Ability to instantiate COM servers and list exposed methods...
This issue was already reported (along with a fix) here: https://github.com/lanmaster53/recon-ng/issues/177