CVE-2015-7297

Related Files

Joomla com_contenthistory Error-Based SQL Injection

Posted Aug 31, 2024

Authored by bperry, Nixawk, Asaf Orpani | Site metasploit.com

This Metasploit module exploits a SQL injection vulnerability in Joomla versions 3.2 through 3.4.4 in order to either enumerate usernames and password hashes.

tags | exploit, sql injection

advisories | CVE-2015-7297

SHA-256 | eaae704ef831c9b61c537f52feac70b43d16b0f1530f7da0d1cbc1ab16b2435b

Download | Favorite | View

Joomla Content History SQL Injection Remote Code Execution

Posted Nov 20, 2015

Authored by Asaf Orpani | Site metasploit.com

This Metasploit module exploits a SQL injection vulnerability found in Joomla versions 3.2 up to 3.4.4. The vulnerability exists in the Content History administrator component in the core of Joomla. Triggering the SQL injection makes it possible to retrieve active Super User sessions. The cookie can be used to login to the Joomla administrator backend. By creating a new template file containing our payload, remote code execution is made possible.

tags | exploit, remote, code execution, sql injection

advisories | CVE-2015-7297, CVE-2015-7857, CVE-2015-7858

SHA-256 | 53518655f45dd51e0502900828af9b020e75d493ef442b649696eaac77fb78b1

Download | Favorite | View

Joomla 3.44 SQL Injection

Posted Oct 27, 2015

Authored by MakMan

Joomla remote SQL injection mass exploitation tool that affects versions 3.2 through 3.44.

tags | exploit, remote, sql injection

systems | linux

advisories | CVE-2015-7297, CVE-2015-7857, CVE-2015-7858

SHA-256 | e74d1c2612f862d1907efcb6f9e66646454d21ba0f9e08e17b7c11c0ed22c84d

Download | Favorite | View