This Metasploit module exploits an information disclosure vulnerability found in Zpanel versions 10.1.0 and below. The vulnerability is due to a vulnerable version of pChart allowing remote, unauthenticated, users to read arbitrary files found on the filesystem. This particular module utilizes this vulnerability to identify the username/password combination of the MySQL instance. With the credentials the attackers can login to PHPMyAdmin and execute SQL commands to drop a malicious payload on the filesystem and call it leading to remote code execution.
e2a78006f6a2c8dd9641e9a3343f7060a143d27b5463d94361969f139f4f5d48
Whitepaper called Attacking the Washington, D.C. Internet Voting System. In 2010, Washington, D.C. developed an Internet voting pilot project that was intended to allow overseas absentee voters to cast their ballots using a website. The authors of this paper participated in a challenge to break the security of the system and in doing so, elected Bender from Futurama to the school board.
705cb8163275671c27c510a5c5b8844bcd41d0a76937766a605fd5ca273a0a7a