# Exploit for Joomla 3.4.4 – 3.6.4 (CVE-2016-8869 and CVE-2016-8870) with File Upload web shell
“`
https://github.com/XiphosResearch/exploits/blob/master/Joomraa/joomraa.py
“`
# 后台RCE
Affected version: Joomla core <=3.9.24
User requirement: Admin account (Not Superadmin)
Gain access: Create superadmin, then trigger RCE.
```
https://github.com/HoangKien1020/CVE-2021-23132
```
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
请登录后查看评论内容