CVE-2015-7297

This Metasploit module exploits a SQL injection vulnerability in Joomla's Content History component to retrieve admin session cookies, then leverages them to create a malicious PHP template file for remote code execution.

This repository contains a Python-based scanner for detecting CVE-2015-7297, a Joomla SQL injection vulnerability. It checks for vulnerable endpoints by sending crafted requests and analyzing responses for specific patterns.

This repository contains functional exploit code for CVE-2015-7297, a SQL injection vulnerability in Joomla! versions 3.2 to 3.4.4. The exploits include a Perl checker script, a PHP-based SQL injection tool, and a Metasploit module, all targeting the `com_contenthistory` component.

This repository contains a functional Python exploit for Joomla 3.2 to 3.4.4 SQL injection vulnerabilities (CVE-2015-7297, CVE-2015-7857, CVE-2015-7858). It automates the extraction of database credentials, user information, and session IDs via crafted SQL injection payloads.

This Metasploit module exploits an error-based SQL injection vulnerability in Joomla's com_contenthistory component to enumerate usernames and password hashes. It uses a time-based blind SQLi technique to extract data from the database.