automatic module_metadata_base.json update
This commit is contained in:
parent
365b7c099c
commit
0436e8bad9
|
@ -31534,6 +31534,67 @@
|
|||
"session_types": false,
|
||||
"needs_cleanup": false
|
||||
},
|
||||
"auxiliary_scanner/http/joomla_api_improper_access_checks": {
|
||||
"name": "Joomla API Improper Access Checks",
|
||||
"fullname": "auxiliary/scanner/http/joomla_api_improper_access_checks",
|
||||
"aliases": [
|
||||
|
||||
],
|
||||
"rank": 300,
|
||||
"disclosure_date": "2023-02-01",
|
||||
"type": "auxiliary",
|
||||
"author": [
|
||||
"h00die",
|
||||
"Tianji Lab"
|
||||
],
|
||||
"description": "Joomla versions between 4.0.0 and 4.2.7, inclusive, contain an improper API access vulnerability.\n This vulnerability allows unauthenticated users access to webservice endpoints which contain\n sensitive information. Specifically for this module we exploit the users and config/application\n endpoints.\n\n This module was tested against Joomla 4.2.7 running on Docker.",
|
||||
"references": [
|
||||
"EDB-51334",
|
||||
"URL-https://developer.joomla.org/security-centre/894-20230201-core-improper-access-check-in-webservice-endpoints.html",
|
||||
"URL-https://nsfocusglobal.com/joomla-unauthorized-access-vulnerability-cve-2023-23752-notice/",
|
||||
"URL-https://attackerkb.com/topics/18qrh3PXIX/cve-2023-23752",
|
||||
"CVE-2023-23752"
|
||||
],
|
||||
"platform": "",
|
||||
"arch": "",
|
||||
"rport": 80,
|
||||
"autofilter_ports": [
|
||||
80,
|
||||
8080,
|
||||
443,
|
||||
8000,
|
||||
8888,
|
||||
8880,
|
||||
8008,
|
||||
3000,
|
||||
8443
|
||||
],
|
||||
"autofilter_services": [
|
||||
"http",
|
||||
"https"
|
||||
],
|
||||
"targets": null,
|
||||
"mod_time": "2023-04-20 16:23:52 +0000",
|
||||
"path": "/modules/auxiliary/scanner/http/joomla_api_improper_access_checks.rb",
|
||||
"is_install_path": true,
|
||||
"ref_name": "scanner/http/joomla_api_improper_access_checks",
|
||||
"check": true,
|
||||
"post_auth": false,
|
||||
"default_credential": false,
|
||||
"notes": {
|
||||
"Stability": [
|
||||
"crash-safe"
|
||||
],
|
||||
"Reliability": [
|
||||
|
||||
],
|
||||
"SideEffects": [
|
||||
"ioc-in-logs"
|
||||
]
|
||||
},
|
||||
"session_types": false,
|
||||
"needs_cleanup": false
|
||||
},
|
||||
"auxiliary_scanner/http/joomla_bruteforce_login": {
|
||||
"name": "Joomla Bruteforce Login Utility",
|
||||
"fullname": "auxiliary/scanner/http/joomla_bruteforce_login",
|
||||
|
|
Loading…
Reference in New Issue