Application Security

Joomla

Deserialization (versions below 3.4.5)

CVE-2015-8562

RCE

Date:
October, 2019

How it works:
https://blog.hacktivesecurity.com/index.php?controller=post&action=view&id_post=41
EXP:
https://www.exploit-db.com/exploits/47465
https://github.com/kiks7/rusty_joomla_rce

Affected versions:
Joomla 3.0.0 – 3.4.6
References:
https://blog.hacktivesecurity.com
https://nvd.nist.gov/vuln/detail/CVE-2015-8562
https://blog.ripstech.com/2018/woocommerce-php-object-injection/
https://www.php.net/manual/en/ref.session.php
https://www.hacktivesecurity.com
Original article: https://www.cnblogs.com/AtesetEnginner/p/11660803.html