Date: 03/03/2018
Vendor Homepage: http://www.joomla-24.de/
Software Link: https://extensions.joomla.org/extensions/extension/maps-a-weather/maps-a-locations/google-map-landkarten/
Version: <= 4.2.3
Tested on: KaLi Linux 2018.1
CVE: CVE-2018-6396
Discovered by: Ihsan Sencan
Exploit by: Javier Olmedo
Clone this repository
git clone https://github.com/JJavierOlmedo/joomla-cve-2018-6396.git
Go to local repository
cd joomla-cve-2018-6396
Change the access permissions
sudo chmod +x joomla-cve-2018-6396.py
Launch attack!!
python3 joomla-cve-2018-6396.py -u <TARGET>