{"uuid": "32a0bd62-1354-4b27-b7db-1295aadc9762", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23752", "type": "exploited", "source": "https://t.me/ptswarm/168", "content": "Joomla! CVE-2023-23752 to Code Execution\n\n\ud83d\udc64 by Jacob Baines\n\nOn February 16, 2023, Joomla! published a security advisory for CVE-2023-23752. The advisory describes an \u201cimproper access check\u201d affecting Joomla! 4.0.0 through 4.2.7. The following day, a chinese-language blog shared the technical details of the vulnerability.\n\nThe blog's disclosure was followed by a stream of exploits hitting GitHub, and multiple indicators of exploitation in the wild. The public exploits focus on leaking the victim\u2019s MySQL database credentials \u2013 an unexciting prospect (researcher thought), because exposing the database to the internet is a dangerous misconfiguration. Nonetheless, attackers seemed interested in the vulnerability, so researcher sought to find out why.\n\n\ud83d\udcdd Contents:\n\u25cf Joomla! Versions in the Wild\n\u25cf CVE-2023-23752 to Code Execution #1\n\u25cf CVE-2023-23752 to Code Execution #2\n\u25cf Conclusion\n\nhttps://vulncheck.com/blog/joomla-for-rce", "creation_timestamp": "2023-03-24T05:58:25.000000Z"}