A joomla 3.3.1 why doesn't exploit sql injection?

0 like 0 dislike
13 views
Namely, we are talking about CVE-2016-9838, as there is a exploit https://www.exploit-db.com/exploits/41157 written in Python, as I understand in the code just need to change the url the link "victims', but or I something not so do or a site is not vulnerable ( which I highly doubt, since it is not fixed so it must be present in version 3.3.1 as stated) but the terminal gives this error
Traceback (most recent call last):
File "joomla_take_over.py", line 39, in
data = {e['name']: e['value'] for e in form.find_all('input')}
AttributeError: 'NoneType' object has no attribute 'find_all'
asked by | 13 views

1 Answer

0 like 0 dislike
If the website is on any of the major shared hosting, with a probability of 99% there is mod_security c a set of rules from any provider(such as Comodo). that actually closes easily such an old vulnerability.
answered by

Related questions

0 like 0 dislike
1 answer
0 like 0 dislike
1 answer
0 like 0 dislike
1 answer
0 like 0 dislike
2 answers
0 like 0 dislike
2 answers
110,581 questions
257,150 answers
0 comments
476 users