Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-23752 PoC — [20230201] - Core - Improper access check in webservice endpoints

Source
https://github.com/0xwh1pl4sh/CVE-2023-23752
Associated Vulnerability
Title:[20230201] - Core - Improper access check in webservice endpoints (CVE-2023-23752)
Description:An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints.
Description
Joomla! v4.2.8 - Unauthenticated information disclosure
Readme
# CVE-2023-23752

##### Joomla! v4.2.8 - Unauthenticated information disclosure



To execute this script, we need to install few missing gems:

```
sudo gem install httpx
sudo gem install docopt
sudo gem install paint
```

```
ruby exploit.rb http://dev.devvortex.htb
```

![image](https://github.com/c0d3cr4f73r/CVE-2023-23752/assets/66146701/a393b775-4764-4557-87c0-b9a808dbbffa)
File Snapshot

 [4.0K]  /data/pocs/bcb102a1521403ec55d63e3853ef6d288e15bc1a
├── [3.1K]  exploit.rb
└── [ 383]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →