| Title | Joomla! 3.4.6 - Remote Code Execution |
|---|
| Description | Exploit from Alessandro Groppo, part of Metasploit Framwork
PHP Object Injection because of a downsize in the read/write process with the database leads to RCE. The exploit will backdoor the configuration.php file in the root directory with en eval of a POST parameter. |
|---|
| Source | ⚠️ https://www.exploit-db.com/exploits/47539 |
|---|
| User | misc (UID 3) |
|---|
| Submission | 10/26/2019 14:37 (7 years ago) |
|---|
| Moderation | 10/26/2019 16:02 (1 hour later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 144232 [Joomla CMS 3.4.6 code injection] |
|---|
| Points | 17 |
|---|