CVE-2019-10945 PoC — Joomla! Path Traversal Vulnerability

Associated Vulnerability
Title: Joomla! Path Traversal Vulnerability (CVE-2019-10945)
Description: An issue was discovered in Joomla! before 3.9.5. The Media Manager component does not properly sanitize the folder parameter, allowing attackers to act outside the media manager root directory.
Description
Joomla! Core 1.5.0 - 3.9.4 - Directory Traversal / Authenticated Arbitrary File Deletion in Python3
Readme
# Code Conversion to Python 3
This code is taken from [Joomla! Core 1.5.0 - 3.9.4 - Directory Traversal / Authenticated Arbitrary File Deletion](https://www.exploit-db.com/exploits/46710) and was converted to Python 3 to suit the exercise in [Academy](http://academy.hackthebox.com/) for the module "Attacking Common Applications" and the section "Attacking Joomla".

The original code was written in Python 2, but it has been converted using the 2to3 tool. However, some additional changes were necessary to make the code compatible with Python 3.

## Requirements
To run this code, you will need Python 3 installed on your system.

## Usage
To run the code, simply execute the script in a terminal or command prompt using Python 3. For example:
```bash
$ wget https://raw.githubusercontent.com/dpgg101/CVE-2019-10945/main/CVE-2019-10945.py
$ python3 CVE-2019-10945.py
```

## Contributing
If you find any issues with the code or have suggestions for improvements, please feel free to open an issue or submit a pull request.

File Snapshot

[4.0K] /data/pocs/e78b14859aef06868fd8c07aeb91fe0dbeed26e4
├── [6.1K] CVE-2019-10945.py
├── [1.0K] LICENSE
└── [1021] README.md

0 directories, 3 files