# N/A
## 漏洞概述
Joomla! 3.7.x 在 3.7.1 之前的版本中存在 SQL 注入漏洞,攻击者可以利用未指明的向量执行任意 SQL 命令。
## 影响版本
- Joomla! 3.7.x 版本 (版本号小于 3.7.1)
## 漏洞细节
攻击者可以通过未具体指明的向量执行任意 SQL 命令,进而导致 SQL 注入漏洞。
## 漏洞影响
- 可能允许攻击者执行任意 SQL 命令,从而获取敏感信息或对数据库进行未授权操作。| # | POC 描述 | 源链接 | 神龙链接 |
|---|---|---|---|
| 1 | Joomla 3.7 SQL injection (CVE-2017-8917) | https://github.com/brianwrf/Joomla3.7-SQLi-CVE-2017-8917 | POC详情 |
| 2 | CVE-2017-8917 - SQL injection Vulnerability Exploit in Joomla 3.7.0 | https://github.com/stefanlucas/Exploit-Joomla | POC详情 |
| 3 | cve-2017-8917 | https://github.com/cved-sources/cve-2017-8917 | POC详情 |
| 4 | Python exploit for CVE-2017-8917 - Joomla 3.7.0 'com_fields' SQL Injection | https://github.com/gmohlamo/CVE-2017-8917 | POC详情 |
| 5 | None | https://github.com/AkuCyberSec/CVE-2017-8917-Joomla-370-SQL-Injection | POC详情 |
| 6 | CVE-2017-8917 - Joomla 3.7.0 'com_fields' SQL Injection | https://github.com/Siopy/CVE-2017-8917 | POC详情 |
| 7 | Project for the Cyberspace Security class. | https://github.com/ionutbaltariu/joomla_CVE-2017-8917 | POC详情 |
| 8 | CVE-2017-8917 SQL injection Vulnerability in Joomla! 3.7.0 exploit | https://github.com/BaptisteContreras/CVE-2017-8917-Joomla | POC详情 |
| 9 | CVE-2017-8917 SQL injection Vulnerability in Joomla! 3.7.0 exploit | https://github.com/gloliveira1701/Joomblah | POC详情 |
| 10 | Joomla! before 3.7.1 contains a SQL injection vulnerability. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2017/CVE-2017-8917.yaml | POC详情 |
| 11 | None | https://github.com/Threekiii/Awesome-POC/blob/master/CMS%E6%BC%8F%E6%B4%9E/Joomla%203.7.0%20SQL%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E%20CVE-2017-8917%29.md | POC详情 |
| 12 | None | https://github.com/chaitin/xray-plugins/blob/main/poc/manual/joomla-cve-2017-8917-sqli.yml | POC详情 |
| 13 | https://github.com/vulhub/vulhub/blob/master/joomla/CVE-2017-8917/README.md | POC详情 |