CVE-2016-8869

EPSS 97.4%

The register method in the UsersModelRegistration class in controllers/user.php in the Users component in Joomla! before 3.6.4 allows remote attackers to gain privileges by leveraging incorrect use of unfiltered data when registering on a site.

Affected products

n/a · n/a

public PoCs found — 5

githubgithub.com/rustyJ4ck/JoomlaCVE20168869★ 7 githubgithub.com/zugetor/Joomla-3.4.4-3.6.4_CVE-2016-8869_and_CVE-2016-8870★ 0 githubgithub.com/cved-sources/cve-2016-8869★ 0 cve_referencewww.exploit-db.com/exploits/40637/unverified exploitdbwww.exploit-db.com/exploits/40637unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://blog.sucuri.net/2016/10/details-on-the-privilege-escalation-vulnerability-in-joomla.html https://developer.joomla.org/security-centre/660-20161002-core-elevated-privileges.html https://github.com/joomla/joomla-cms/commit/bae1d43938c878480cfd73671e4945211538fdcf https://medium.com/%40showthread/joomla-3-6-4-account-creation-elevated-privileges-write-up-and-exploit-965d8fb46fa2#.rq4qh1v4r https://www.exploit-db.com/exploits/40637/http://www.rapid7.com/db/modules/auxiliary/admin/http/joomla_registration_privesc http://www.securityfocus.com/bid/93883 http://www.securitytracker.com/id/1037108