关联漏洞
标题:
Joomla! 路径遍历漏洞
(CVE-2019-10945)
描述:Joomla!是美国Open Source Matters团队的一套使用PHP和MySQL开发的开源、跨平台的内容管理系统(CMS)。Media Manager是使用在其中的一个媒体管理组件。 Joomla! CMS 1.5.0版本至3.9.4版本中的com_media存在路径遍历漏洞,该漏洞源于网络系统或产品未能正确地过滤资源或文件路径中的特殊元素。攻击者可利用该漏洞访问受限目录之外的位置。
描述
Joomla! Core 1.5.0 - 3.9.4 - Directory Traversal / Authenticated Arbitrary File Deletion in Python3
介绍
# Code Conversion to Python 3
This code is taken from [Joomla! Core 1.5.0 - 3.9.4 - Directory Traversal / Authenticated Arbitrary File Deletion
](https://www.exploit-db.com/exploits/46710) and was converted to Python 3 to suit the exercise in [Academy](http://academy.hackthebox.com/) for Module "Attacking Commoon Applications" and section "Attacking Joomla".
The original code was written in Python 2, but it has been converted using the 2to3 tool. However, some additional changes were necessary to make the code compatible with Python 3.
## Requirements
To run this code, you will need Python 3 installed on your system.
## Usage
To run the code, simply execute the script in a terminal or command prompt using Python 3. For example:
```bash
$ wget https://raw.githubusercontent.com/dpgg101/CVE-2019-10945/main/CVE-2019-10945.py
$ python3 CVE-2019-10945.py
```
## Contributing
If you find any issues with the code or have suggestions for improvements, please feel free to open an issue or submit a pull request.
文件快照
[4.0K] /data/pocs/e78b14859aef06868fd8c07aeb91fe0dbeed26e4
├── [6.1K] CVE-2019-10945.py
├── [1.0K] LICENSE
└── [1021] README.md
0 directories, 3 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。