API Security Blog

Exploit for CVE-2023-23752

CVE-2023-23752

Description

This repository contains Python and Bash scripts that are ports of the original Proof of Concept (PoC), written in Ruby by 'noraj' (Alexandre ZANNI), for the vulnerability CVE-2023-23752 in Joomla! CMS versions 4.0.0 through 4.2.7. An access control flaw was identified, potentially leading to unauthorized access to critical webservice endpoints. This vulnerability could be exploited by attackers to gain unauthorized access to sensitive information or perform unauthorized actions.

Usage

Bash script syntax:

```bash
./CVE-2023-23752.sh https://example.com
```

Python script syntax:

```bash
python CVE-2023-23752.py -u example.com
```

| Option | Description |
|--------|-------------|
| -u, --url | URL to scan |
| -f, --file | Path to the file containing URLs to scan |
| -o, --output_file | Path to the output file (optional) |
| -e, --endpoint | Endpoint to scan (default: /api/index.php/v1/config/application?public=true) |
| -t, --timeout | Timeout in seconds (default: 2) |
| -m, --max_threads | Maximum number of threads (default: 10) |

Disclaimer

Important: These scripts are provided for educational purposes only. Use them at your own risk. The author assumes no responsibility for any misuse or damage caused by these scripts. Ensure that you have explicit permission…
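For defenders, requests to the endpoint in the options table are visible in web server access logs. The following is an added example, not code from the repository or the original PoC: it scans Combined Log Format lines for webservice API requests that carry `public=true`. The name `find_probes`, the log format and the sample lines are assumptions, and matching the whole `/api/index.php/v1/` prefix goes beyond the single default endpoint the page names.

```python
import re
from urllib.parse import parse_qs, unquote

# Prefix of the endpoint named on this page
# (default: /api/index.php/v1/config/application?public=true).
API_PREFIX = "/api/index.php/v1/"

# Combined Log Format: ip ident user [time] "METHOD target PROTO" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def find_probes(lines):
    """Return one dict per webservice API request that carries public=true."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a parseable access-log line
        raw_path, _, query = m["target"].partition("?")
        # Decode percent-escapes and collapse repeated slashes before matching.
        path = re.sub(r"/+", "/", unquote(raw_path))
        if not path.startswith(API_PREFIX):
            continue
        params = parse_qs(query, keep_blank_values=True)
        values = [v.lower() for k, vs in params.items()
                  if k.lower() == "public" for v in vs]
        if "true" not in values:
            continue
        status = int(m["status"])
        # served=True: the server answered 200, so treat the response as exposed.
        hits.append({"ip": m["ip"], "time": m["time"], "path": path,
                     "status": status, "served": status == 200})
    return hits

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [12/Mar/2023:10:01:02 +0000] "GET /api/index.php/v1/config/application?public=true HTTP/1.1" 200 1987 "-" "python-requests/2.28"',
    '203.0.113.7 - - [12/Mar/2023:10:01:03 +0000] "GET /api//index.php/v1/config/application?x=1&Public=TRUE HTTP/1.1" 404 512 "-" "curl/7.88"',
    '198.51.100.20 - - [12/Mar/2023:10:02:00 +0000] "GET /api/index.php/v1/config/application HTTP/1.1" 401 93 "-" "Mozilla/5.0"',
    '198.51.100.20 - - [12/Mar/2023:10:02:05 +0000] "GET /index.php?public=true HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for hit in find_probes(SAMPLE_LOG):
        print(hit)
```

A hit with `served` set to `True` on a host running an affected version means the data returned by that endpoint should be treated as disclosed.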
