.. / CVE-2015-7297

Exploit for Joomla! Core SQL Injection (CVE-2015-7297)

Description:

A SQL injection vulnerability in Joomla! 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands.

Nuclei Template

View the template here CVE-2015-7297.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2015/CVE-2015-7297.yaml
Copy

References:

http://packetstormsecurity.com/files/134097/Joomla-3.44-SQL-Injection.html
http://developer.joomla.org/security-centre/628-20151001-core-sql-injection.html
https://www.trustwave.com/Resources/SpiderLabs-Blog/Joomla-SQL-Injection-Vulnerability-Exploit-Results-in-Full-Administrative-Access/
http://packetstormsecurity.com/files/134494/Joomla-Content-History-SQL-Injection-Remote-Code-Execution.html
https://nvd.nist.gov/vuln/detail/CVE-2015-7297