提交 #111: Joomla! 3.4.6 - Remote Code Execution
| 标题 | Joomla! 3.4.6 - Remote Code Execution |
|---|---|
| 描述 | Exploit from Alessandro Groppo, part of Metasploit Framwork PHP Object Injection because of a downsize in the read/write process with the database leads to RCE. The exploit will backdoor the configuration.php file in the root directory with en eval of a POST parameter. |
| 来源 | ⚠️ https:/ |
| 用户 | misc (UID 3) |
| 提交 | 2019-10-26 14時37分 (7 年前) |
| 管理 | 2019-10-26 16時02分 (1 hour later) |
| 状态 | 已接受 |
| VulDB条目 | 144232 [Joomla CMS 3.4.6 权限提升] |
| 积分 | 17 |