关联漏洞
标题:
Joomla 安全漏洞
(CVE-2023-23752)
描述:Joomla是美国Open Source Matters团队的一套使用PHP和MySQL开发的开源、跨平台的内容管理系统(CMS)。 Joomla 4.0.0版本至4.2.7版本存在安全漏洞,该漏洞源于不正确的访问检查,允许对web服务端点进行未经授权的访问。
描述
simple program for joomla CVE-2023-23752 scanner for pentesting and educational purpose
介绍
# CVE-2023-23752
simple program for joomla CVE-2023-23752 scanner, This is a simple Ruby script that checks if a list of targets is vulnerable to CVE-2023-23752, a critical security vulnerability in a web application. The script sends a HTTP GET request to a specified endpoint, and extracts information from the response to determine if the target is vulnerable.
# Usage
```
ruby scanner.rb list.txt output.txt
```
list.txt is a file that contains a list of target domains or IPs, separated by newlines. output.txt is the output file where the results will be saved.
# Requirements
This script requires the following Ruby gems:
```
httparty
colorize
timeout
```
# Disclaimer
This tool is provided for educational purposes only. The author is not responsible for any damages or illegal actions caused by the use of this tool. Use at your own risk.
文件快照
[4.0K] /data/pocs/1d2901ab97961133f9a98ddc08f5c39708927bf3
├── [3.1K] joomla.rb
├── [ 955] README.md
├── [415K] Screen Shot 2023-02-24 at 08.26.46.png
└── [ 653] target.txt
0 directories, 4 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。