# Exploit for Joomla 3.4.4 - 3.6.4 (CVE-2016-8869 and CVE-2016-8870) with File Upload web shell
1. https://github.com/XiphosResearch/exploits/blob/master/Joomraa/joomraa.py
# Admin backend RCE
Affected version: Joomla core <=3.9.24
User requirement: Admin account (Not Superadmin)
Gain access: Create superadmin, then trigger RCE.
2. https://github.com/HoangKien1020/CVE-2021-23132