CVE-2023-23752

This repository contains a functional Ruby exploit for CVE-2023-23752, an unauthenticated information disclosure vulnerability in Joomla! versions 4.0.0 to 4.2.7. The exploit fetches user details and database configuration via exposed API endpoints.

The repository contains a Python script (`joomla.py`) that exploits CVE-2023-23752, an authentication bypass vulnerability in Joomla! leading to information leakage. The script appears functional and includes a list of API endpoints targeted by the exploit.

This repository contains a Ruby script that scans for CVE-2023-23752, an information disclosure vulnerability in Joomla. The script sends HTTP GET requests to a specific endpoint and checks the response for exposed credentials and database information.

This PoC exploits CVE-2023-23752, an improper access check in Joomla, by querying unauthenticated API endpoints to leak user data and credentials. It demonstrates the vulnerability by fetching sensitive information via HTTP GET requests.

The repository contains a functional Python script that exploits CVE-2023-23752, an unauthorized access vulnerability in Joomla's REST API. The script sends a crafted request to the `/api/index.php/v1/config/application?public=true` endpoint to extract sensitive information, including usernames and passwords.

The repository contains a Python script that scans for CVE-2023-23752 by sending HTTP requests to a specific endpoint and extracting sensitive information (usernames, passwords, database names) from the response. It does not exploit the vulnerability but detects it by checking for exposed credentials.

This repository contains a bulk scanner for CVE-2023-23752, which targets Joomla's API endpoint to extract sensitive configuration data. It does not include exploit code for active exploitation but scans for vulnerable instances and retrieves exposed database information.

This repository contains a functional Bash script that exploits an unauthenticated information disclosure vulnerability in Joomla! versions 4.0.0 to 4.2.8. The exploit fetches user details and configuration data via exposed API endpoints.

This repository contains a functional exploit for CVE-2023-23752, an unauthenticated information disclosure vulnerability in Joomla! versions 4.0.0 to 4.2.7. The exploit leverages improper access checks in the Joomla! API to retrieve sensitive user and configuration data, including database credentials.

This repository contains a functional Python exploit for CVE-2023-23752, an unauthenticated information disclosure vulnerability in Joomla! < 4.2.8. The exploit fetches sensitive user and configuration data via exposed API endpoints.

This repository contains a functional exploit for CVE-2023-23752, an unauthorized access vulnerability in Joomla. The script checks for the presence of sensitive data (username and password) in the response from the `/api/index.php/v1/config/application?public=true` endpoint, indicating successful exploitation.

This repository provides a Dockerized environment to demonstrate CVE-2023-23752, an unauthorized access vulnerability in Joomla 4.2.6. The setup script automates the installation and exploitation, revealing database credentials via an API endpoint.

The repository contains a Python script that scans for CVE-2023-23752, an unauthorized access vulnerability in Joomla. The script checks for exposed API endpoints and does not include exploit code for achieving RCE or other offensive actions.

This repository contains a functional C++ exploit for CVE-2023-23752, an unauthenticated information disclosure vulnerability in Joomla! versions up to 4.2.7. The exploit sends a crafted HTTP request to the Joomla API endpoint to retrieve sensitive configuration data, including database credentials.

The repository contains a Nuclei template for detecting CVE-2023-23752, an unauthorized access vulnerability in Joomla's REST API. It includes a YAML file with a request template to probe the vulnerable endpoint and a README with technical details about affected versions and endpoints.

This repository provides a detailed analysis of CVE-2023-23752, an unauthorized access vulnerability in Joomla's REST API. It lists affected versions (Joomla 4.0.0 to 4.2.7) and enumerates API endpoints exposed when the `public=true` parameter is used, including sensitive information disclosure via `/api/index.php/v1/config/application?public=true`.

This repository contains a Nuclei template for detecting CVE-2023-23752, an unauthorized access vulnerability in Joomla. The template sends a crafted HTTP request to the Joomla API endpoint and checks for the presence of sensitive data (e.g., 'password', 'user') in the response.

The repository provides a functional proof-of-concept for CVE-2023-23752, an unauthorized access vulnerability in Joomla!. The exploit leverages an API endpoint to bypass authentication and retrieve sensitive configuration data.

The repository contains a Go-based multi-threaded scanner for CVE-2023-23752, which checks for the presence of sensitive configuration data exposure in Joomla! APIs. It sends HTTP requests to a specific endpoint and checks for the presence of 'dbtype' in the response to determine vulnerability.

The repository contains a Nuclei template for detecting CVE-2023-23752, an improper access check vulnerability in Joomla 4.0.0-4.2.7. It sends a crafted HTTP request to the `/api/index.php/v1/config/application?public=True` endpoint to check for unauthorized access.

This repository contains a functional Go-based exploit for CVE-2023-23752, which targets an information disclosure vulnerability in Joomla. The exploit sends crafted HTTP requests to exposed API endpoints to extract sensitive configuration data, including database credentials.

This repository contains a functional exploit script for CVE-2023-23752, an authentication bypass vulnerability in Joomla versions 4.00 to 4.28. The exploit leverages an API endpoint to leak administrator credentials and MySQL configuration details.

The repository contains a bulk scanner for CVE-2023-23752, which targets Joomla's API endpoint to retrieve configuration information. It does not include exploit code for achieving RCE or other offensive actions, but rather scans for vulnerable instances and extracts database information.

This repository contains a functional Python script that exploits CVE-2023-23752, an authentication bypass vulnerability in Joomla versions 4.0.0 to 4.2.7. The exploit leaks sensitive configuration data, including MySQL database credentials, by sending a crafted HTTP request to the Joomla API endpoint.

The repository contains a functional Python exploit for CVE-2023-23752, which targets an information disclosure vulnerability in Joomla! versions 4.0.0 to 4.2.8. The exploit sends a crafted API request to retrieve sensitive configuration data, including user credentials.

This repository contains a functional Ruby exploit for CVE-2023-23752, an unauthenticated information disclosure vulnerability in Joomla! versions prior to 4.2.8. The exploit fetches sensitive user and configuration data via exposed API endpoints.

The repository contains a functional PoC for CVE-2023-23752, which exploits an unauthenticated information disclosure vulnerability in Joomla CMS versions 4.0.0 to 4.2.7. The PoC script extracts the MySQL database credentials by querying the Joomla API endpoint.

This repository contains a functional Python exploit for CVE-2023-23752, an unauthenticated information disclosure vulnerability in Joomla. The script queries Joomla's API endpoints to dump user and configuration data without authentication.

The repository contains a functional Go-based PoC for CVE-2023-23752, an information disclosure vulnerability in Joomla. The exploit checks for exposed API endpoints that leak sensitive configuration data, including database credentials and user information.

The repository contains only a README.md file with a brief description of CVE-2023-23752 and mentions an exploit written in C++, but no actual exploit code or technical details are provided.

This exploit PoC checks for CVE-2023-23752, an information disclosure vulnerability in Joomla. It sends a GET request to a specific endpoint to retrieve sensitive configuration data, including credentials, and writes vulnerable URLs to a file.

The repository contains a functional Python script that exploits CVE-2023-23752, an improper access check vulnerability in Joomla! 4.0.0 through 4.2.7. The script sends a crafted request to the `/api/index.php/v1/config/application?public=true` endpoint to leak database credentials (host, database name, username, and password).

The repository contains a Python script that scans Joomla instances for CVE-2023-23752, an unauthorized access vulnerability, by querying the API endpoint to extract database credentials. It does not exploit the vulnerability but detects exposed configurations.

This repository contains a functional proof-of-concept exploit for CVE-2023-23752, targeting Joomla's API endpoint to extract sensitive configuration data such as database credentials. The script includes a bulk scanner, thread-based execution, and result logging.

This repository contains a functional Python script that exploits CVE-2023-23752, an unauthorized access vulnerability in Joomla! CMS versions 4.0.0 to 4.2.7. The script sends a crafted request to the Joomla API endpoint to leak sensitive database configuration details, including credentials, and supports both single-target and batch scanning with output to an Excel file.

The repository contains a Python script that fetches and displays user and configuration data from a Joomla API endpoint. It does not exploit the vulnerability but scans for exposed information, which is part of the CVE-2023-23752 vulnerability context.

This repository contains a Python conversion of an existing Ruby exploit for CVE-2023-23752, an unauthenticated information disclosure vulnerability in Joomla! v4.2.8. The original Ruby exploit is referenced from Exploit-DB (51334), and the Python version is described as functionally equivalent.

This repository contains a functional Go-based exploit for CVE-2023-23752, an unauthenticated information disclosure vulnerability in Joomla. The tool queries the Joomla API endpoint to extract database configuration details (type, host, user, password, and prefix) and supports concurrent scanning with proxy functionality.

This repository contains a functional Python script that exploits CVE-2023-23752, an unauthenticated information disclosure vulnerability in Joomla! versions prior to 4.2.8. The script fetches and displays user details and database configuration by making HTTP requests to exposed API endpoints.

The exploit script demonstrates an information disclosure vulnerability in Joomla! by querying public API endpoints to retrieve usernames and passwords from the application configuration. It uses simple curl commands to fetch and parse JSON responses.

The repository contains a functional bash script that exploits CVE-2023-23752, an authentication bypass vulnerability in Joomla! API versions 4.0 to 4.2.7. The script automates the extraction of sensitive information such as user details, application configuration, and contact details by leveraging vulnerable API endpoints.

The repository contains a bash script that scans for CVE-2023-23752, an information disclosure vulnerability in Joomla CMS. It sends HTTP requests to the vulnerable endpoint and parses responses for sensitive data like credentials.

This repository contains a functional Go-based exploit for CVE-2023-23752, which targets an information disclosure vulnerability in Joomla. The exploit sends a crafted GET request to the vulnerable endpoint `/api/index.php/v1/config/application?public=true` to extract sensitive configuration data, including database credentials.

The repository contains a functional Python exploit for CVE-2023-23752, an unauthenticated information disclosure vulnerability in Joomla! versions 4.0.0 to 4.2.7. The exploit queries the Joomla API to extract user details and database configuration without authentication.

The repository contains functional Python and Bash scripts that exploit CVE-2023-23752, an access control flaw in Joomla! CMS versions 4.0.0 through 4.2.7. The scripts retrieve sensitive information such as user data and database credentials by querying unauthenticated API endpoints.

This repository contains a functional Python exploit for CVE-2023-23752, an unauthenticated information disclosure vulnerability in Joomla! versions 4.0.0 to 4.2.7. The exploit fetches sensitive user and configuration data via exposed API endpoints.

The repository contains a functional exploit for CVE-2023-23752, an authentication bypass vulnerability in Joomla CMS versions 4.0.0 to 4.2.7. The exploit script checks the Joomla version and retrieves sensitive information via exposed API endpoints.

This repository contains a Python-based scanner for CVE-2023-23752, which checks for an information disclosure vulnerability in Joomla! by querying a specific API endpoint and extracting database credentials from the response.

This exploit leverages an unauthenticated information disclosure vulnerability in Joomla! versions 4.0.0 to 4.2.7. It queries the API endpoints to retrieve user details and database configuration, including sensitive credentials.

This Metasploit module exploits an improper access check vulnerability in Joomla's API endpoints to enumerate user and configuration data without authentication. It targets Joomla versions 4.0.0 to 4.2.7 by querying the `/api/index.php/v1/users` and `/api/index.php/v1/config/application` endpoints with `public=true` to retrieve sensitive information.

This repository contains a functional C++ exploit for CVE-2023-23752, an unauthenticated information disclosure vulnerability in Joomla! versions up to 4.2.7. The exploit sends a crafted request to the Joomla API endpoint to retrieve sensitive configuration data, including database credentials.

The repository contains a functional Python script that exploits CVE-2023-23752, an information disclosure vulnerability in Joomla < 4.2.8. The script queries unauthenticated API endpoints to retrieve user and configuration data, demonstrating the vulnerability.

This repository contains a functional Ruby exploit for CVE-2023-23752, an unauthenticated information disclosure vulnerability in Joomla! versions prior to 4.2.8. The exploit fetches sensitive user and configuration data via exposed API endpoints.

This repository contains a functional Python exploit for CVE-2023-23752, an unauthenticated information disclosure vulnerability in Joomla! 4.2.8. The exploit queries the `/api/index.php/v1/config/application?public=true` endpoint to extract sensitive credentials from the JSON response.

The repository contains functional exploit code for CVE-2007-2447, targeting Samba's usermap script vulnerability. The exploit leverages command injection via the username field to execute a reverse shell payload.