CVE-2015-7297

NUCLEI

Joomla! 3.2-3.4.3 - SQL Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 6 public exploits for CVE-2015-7297. PoCs published by Metasploit, Cappricio-Securities, CCrashBandicot, including Metasploit module exploits/unix/webapp/joomla_contenthistory_sqli_rce. A Nuclei detection template is also available.

AI-analyzed exploit summary This Metasploit module exploits a SQL injection vulnerability in Joomla's Content History component to retrieve admin session cookies, then leverages them to create a malicious PHP template file for remote code execution.

Description

SQL injection vulnerability in Joomla! 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2015-7858.

Exploits (6)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotephp
https://www.exploit-db.com/exploits/38797

This Metasploit module exploits a SQL injection vulnerability in Joomla's Content History component to retrieve admin session cookies, then leverages them to create a malicious PHP template file for remote code execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Joomla 3.2 to 3.4.4
No auth needed
Prerequisites: Joomla installation with vulnerable version · Active admin session
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec SCANNER 1 stars
by Cappricio-Securities · poc
https://github.com/Cappricio-Securities/CVE-2015-7297

This repository contains a Python-based scanner for detecting CVE-2015-7297, a Joomla SQL injection vulnerability. It checks for vulnerable endpoints by sending crafted requests and analyzing responses for specific patterns.

Classification
Scanner 90%
Attack Type
Sqli
Complexity
Moderate
Reliability
Reliable
Target: Joomla
No auth needed
Prerequisites: Python 3 · requests library · target URL or list of URLs
devstral-2 · analyzed Feb 18, 2026 Full analysis →
nomisec WORKING POC 1 stars
by CCrashBandicot · poc
https://github.com/CCrashBandicot/ContentHistory

This repository contains functional exploit code for CVE-2015-7297, a SQL injection vulnerability in Joomla! versions 3.2 to 3.4.4. The exploits include a Perl checker script, a PHP-based SQL injection tool, and a Metasploit module, all targeting the `com_contenthistory` component.

Classification
Working Poc 95%
Attack Type
Sqli
Complexity
Moderate
Reliability
Reliable
Target: Joomla! 3.2 to 3.4.4
No auth needed
Prerequisites: Access to the Joomla! administrator interface or vulnerable endpoint
devstral-2 · analyzed Feb 18, 2026 Full analysis →
nomisec WORKING POC
by areaventuno · poc
https://github.com/areaventuno/exploit-joomla

This repository contains a functional Python exploit for Joomla 3.2 to 3.4.4 SQL injection vulnerabilities (CVE-2015-7297, CVE-2015-7857, CVE-2015-7858). It automates the extraction of database credentials, user information, and session IDs via crafted SQL injection payloads.

Classification
Working Poc 95%
Attack Type
Sqli
Complexity
Moderate
Reliability
Reliable
Target: Joomla 3.2 to 3.4.4
No auth needed
Prerequisites: Python 3.4.x · Requests module · Google Dork for target discovery
devstral-2 · analyzed Feb 18, 2026 Full analysis →
metasploit WORKING POC EXCELLENT
by Asaf Orpani · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/joomla_contenthistory_sqli_rce.rb

This Metasploit module exploits a SQL injection vulnerability in Joomla's Content History component to retrieve admin session cookies, then leverages them to achieve remote code execution by creating a malicious PHP template file.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Joomla 3.2 to 3.4.4
No auth needed
Prerequisites: Joomla installation with Content History component enabled · Active admin session
devstral-2 · analyzed Apr 30, 2026 Full analysis →
metasploit WORKING POC
by Asaf Orpani, bperry, Nixawk · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/gather/joomla_contenthistory_sqli.rb

This Metasploit module exploits an error-based SQL injection vulnerability in Joomla's com_contenthistory component to enumerate usernames and password hashes. It uses a time-based blind SQLi technique to extract data from the database.

Classification
Working Poc 100%
Attack Type
Sqli
Complexity
Moderate
Reliability
Reliable
Target: Joomla versions 3.2 through 3.4.4
No auth needed
Prerequisites: Joomla instance with com_contenthistory component enabled
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Nuclei Templates (1)

Joomla! Core SQL Injection
HIGHby princechaddha
Shodan: http.html:"joomla! - open source content management" || http.component:"joomla" || cpe:"cpe:2.3:a:joomla:joomla\!"
FOFA: body="joomla! - open source content management"

References (9)

Core 9
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/77295
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1033950
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/38797/

Scores

EPSS 0.9161
EPSS Percentile 99.7%

Details

CWE
CWE-89
Status published
Products (15)
joomla/joomla\! 3.2.0
joomla/joomla\! 3.2.1
joomla/joomla\! 3.2.2
joomla/joomla\! 3.2.3
joomla/joomla\! 3.2.4
joomla/joomla\! 3.3.0
joomla/joomla\! 3.3.1
joomla/joomla\! 3.3.2
joomla/joomla\! 3.3.3
joomla/joomla\! 3.3.4
... and 5 more
Published Oct 29, 2015
Tracked Since Feb 18, 2026