Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.
Sign upNSE for CVE-2017-8917 #916
Conversation
wongwaituck
added some commits
Jun 20, 2017
This comment has been minimized.
This comment has been minimized.
sophron
commented on scripts/http-vuln-cve2017-8917.nse in 8bfc0de
Jun 22, 2017
|
Maybe reduce to one space? |
This comment has been minimized.
This comment has been minimized.
|
Done |
wongwaituck
added some commits
Jun 22, 2017
nmap-bot
closed this
in
5096438
Jun 26, 2017
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
wongwaituck commentedJun 22, 2017
An SQL injection vulnerability exists in Joomla! versions 3.7.x before 3.7.1, which allows unauthenticated users to execute arbitrary SQL commands. I wanted to write an SQLi related script to see how it can be integrated into a library, hence this script was written.
This script checks if the
com_fieldsis injectable by running the information functionuser(). If the username and hostname is returned, website is vulnerable.A video of the script in action can be found here.