File tree Expand file tree Collapse file tree 1 file changed +1
-1
lines changed
modules/exploits/multi/http Expand file tree Collapse file tree 1 file changed +1
-1
lines changed Original file line number Diff line number Diff line change @@ -14,7 +14,7 @@ def initialize(info = {})
1414 super ( update_info ( info ,
1515 'Name' => 'Joomla HTTP Header Unauthenticated Remote Code Execution' ,
1616 'Description' => %q{
17- Joomla suffers from an unauthenticated remote code execution that affects all versions from 1.5 to 3.4.
17+ Joomla suffers from an unauthenticated remote code execution that affects all versions from 1.5.0 to 3.4.5 .
1818 By storing user supplied headers in the databases session table it's possible to truncate the input
1919 by sending an UTF-8 character. The custom created payload is then executed once the session is read
2020 from the databse. You also need to have a PHP version before 5.4.45 (including 5.3.x), 5.5.29 or 5.6.13.
You can’t perform that action at this time.
0 commit comments