Add CVE ID to module and docs

rapid7 · Nov 5, 2020 · e7a20ec · e7a20ec
1 parent cf95488
commit e7a20ec
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 2 deletions.
diff --git a/documentation/modules/exploit/multi/http/horizontcms_upload_exec.md b/documentation/modules/exploit/multi/http/horizontcms_upload_exec.md
@@ -1,5 +1,6 @@
 ## Vulnerable Application
-This module exploits an arbitrary file upload vulnerability in HorizontCMS 1.0.0-beta and prior in order to execute arbitrary commands.
+This module exploits an arbitrary file upload vulnerability (CVE-2020-27387) in HorizontCMS 1.0.0-beta and prior
+in order to execute arbitrary commands.
 
 The module first tries to obtain the HorizontCMS version and a csrf token from `/admin/login`.
 Next, the module tries to authenticate via an HTTP POST request to the same destination.

diff --git a/modules/exploits/multi/http/horizontcms_upload_exec.rb b/modules/exploits/multi/http/horizontcms_upload_exec.rb
@@ -45,7 +45,7 @@ def initialize(info = {})
           ],
         'References' =>
           [
-            ['URL', 'https://github.com/ttimot24/HorizontCMS/commit/436b5ab679fd27afa3d99c023dbe103113da4fee']
+            ['CVE', '2020-27387']
           ],
         'Payload' =>
           {