Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2018-7314 PoC — Joomla! PrayerCenter SQL注入漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2018/CVE-2018-7314.yaml
Associated Vulnerability
Title:Joomla! PrayerCenter SQL注入漏洞 (CVE-2018-7314)
Description:Joomla!是美国Open Source Matters团队开发的一套开源的内容管理系统(CMS),该系统提供RSS馈送、网站搜索等功能。PrayerCenter是使用在其中的一个祷告分享组件。 Joomla! PrayerCenter 3.0.2版本中存在SQL注入漏洞。远程攻击者可借助‘sessionid’参数利用该漏洞查看、添加、更改或删除后端数据库中的信息。
Description
SQL Injection exists in the PrayerCenter 3.0.2 component for Joomla! via the sessionid parameter, a different vulnerability than CVE-2008-6429.
File Snapshot

 id: CVE-2018-7314

info:
  name: Joomla! Component PrayerCenter 3.0.2 - SQL Injection
  author: Dhiy

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.