Joomla - Component Google Map Landkarten <= 4.2.3 - SQL Injection
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
README.md
joomla-cve-2018-6396.py

README.md

Joomla-CVE-2018-6396

Joomla! Component Google Map Landkarten <= 4.2.3 - SQL Injection

Date: 03/03/2018

Vendor Homepage: http://www.joomla-24.de/

Software Link: https://extensions.joomla.org/extensions/extension/maps-a-weather/maps-a-locations/google-map-landkarten/

Version: <= 4.2.3

Tested on: KaLi Linux 2018.1

CVE: CVE-2018-6396

Discovered by: Ihsan Sencan

Exploit by: Javier Olmedo

HOW TO USE?

Clone this repository

git clone https://github.com/JJavierOlmedo/joomla-cve-2018-6396.git

Go to local repository

cd joomla-cve-2018-6396

Change the access permissions

sudo chmod +x joomla-cve-2018-6396.py

Launch attack!!

python3 joomla-cve-2018-6396.py -u <TARGET>

PoC

cve-2018-6396