{"vulnerability": "CVE-2016-8870", "sightings": [{"uuid": "756d3fa0-03e7-483d-a3d3-b2df31187a3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-8870", "type": "exploited", "source": "https://t.me/webpwn/93", "content": "\u0421\u043b\u044b\u0448\u0430\u043b\u0438 \u043f\u0440\u043e CVE-2016-8869 \u0438 CVE-2016-8870 \u0432 joomla?\n\u0410 \u0432\u043e\u0442 \u0438 \u0440\u0430\u0431\u043e\u0447\u0438\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043f\u043e\u0434 joomla \u043f\u043e\u0434\u044a\u0435\u0445\u0430\u043b - \u0441\u043e\u0437\u0434\u0430\u0435\u0442\u0441\u044f \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440 \u0438 \u0437\u0430\u043b\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u0432\u0435\u0431-\u0448\u0435\u043b\u043b.\n\nhttps://github.com/XiphosResearch/exploits/tree/master/Joomraa", "creation_timestamp": "2016-10-27T22:27:13.000000Z"}, {"uuid": "d8bcb7d9-5657-4035-8fc8-f9748dad134d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-8870", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:42.000000Z"}, {"uuid": "9adf5cc9-442c-4959-92c7-ac959d5b1813", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-8870", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:09:50.000000Z"}, {"uuid": "a91d8ab4-c535-41ec-af90-0996b5e03b1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-8870", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/http/joomla_registration_privesc.rb", "content": "", "creation_timestamp": "2018-05-29T15:50:33.000000Z"}, {"uuid": "2f6d1494-547b-4a19-8688-98ea91358f75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2016-8870", "type": "published-proof-of-concept", "source": "https://t.me/HackingPublicoficial/162", "content": "Best Exploits\n\nphpMoAdmin Remote Code Execution (CVE-2015-2208)\nLotusCMS Remote Code Execution (OSVDB-75095)\nElasticSearch Remote Code Execution (CVE-2015-1427)\nShellShock (httpd) Remote Code Execution (CVE-2014-6271)\nIISlap - http.sys Denial of Service/RCE PoC (DoS only). (MS-15-034)\nse0wned - Seowintech Router diagnostic.cgi remote root\nWPsh0pwn - Wordpress WPShop eCommerce Shell Upload (WPVDB-7830)\nnmediapwn - Wordpress N-Media Website Contact Form with File Upload 1.3.4 Shell Upload\npwnflow - Wordpress Work the flow file upload 2.5.2 Shell Upload\ndelusions - Wordpress InfusionSoft Gravity Forms Shell Upload (CVE-2014-6446)\nsuiteshell - SuiteCRM Post-Auth Remote Code Execution (CVE-2015-NOTYET)\nsuiteracer - SuiteCRM Post-Auth Remote Code Execution Race Condition (CVE-2015-xxxx)\nunsanitary - Address Sanitizer + Setuid Binary = Local Root exploit (LD_PRELOAD vector)\nDiamondFox - DiamondFox Botnet C&C Panel Shell Upload\nDoubtfullyMalignant - BenignCertain DoS PoC\nTorCT-Shell - TorCT RAT C&C Panel Shell Upload\nvBullshit - vBulletin 5.x.x unserialize() Remote Code Execution (CVE-2015-7808)\nXanity-Shell - Xanity RAT C&C Panel Shell Upload\nJoomraa - PoC + upload blacklist bypass (CVE-2016-8869, CVE-2016-8870, CVE-2016-9836)\nDeathsize - LifeSize Room remote code execution & local root exploit\nAssetExploder - ManageEngine Asset Explorer remote code execution\nDroppleGanger - Droppler <= 1.6.5 Auth-Bypass & RCE\ntr-06fail - TR-064 Misimplementations leading to remote device takeover in ZyXEL Routers\nscreen2root - Screen 4.05.00 (CVE-2017-5618) local privesc\nFreeACS-Pwn - TR-069 exploit for FreeACS server, disclosed at BSides Edinburgh.\nJoomblah - Joomla 3.7.0 SQL Injection exploit (CVE-2017-8917)\npisspoorpool - Local file inclusion exploit for p2pool status page\nwipgpwn - Remote Root Exploit for WePresent WiPG-1000,1500,2000 devices\nTBA\n\nLink:\n\nhttps://github.com/XiphosResearch/exploits https://www.facebook.com/1656611301265857/posts/1887994441460874", "creation_timestamp": "2017-07-11T02:04:41.000000Z"}]}