------------------------------------------------------------------------------------------------ # Joomla $ joomlavs.rb --url https://targetsite.com --scan-all ---------------------------------------------------------------------- ##. ######. ######. ###. ###.##. #####. ##. ##.#######. ##|##.---##.##.---##.####. ####|##| ##.--##.##| ##|##.----' ##|##| ##|##| ##|##.####.##|##| #######|##| ##|#######. ## ##|##| ##|##| ##|##|'##.'##|##| ##.--##|'##. ##.''----##| '#####.''######.''######.'##| '-' ##|#######.##| ##| '####.' #######| '----' '-----' '-----' '-' '-''------''-' '-' '---' '------' ---------------------------------------------------------------------- [+] URL: http://targetsite.com [+] Started: Sat Nov 28 06:35:47 2020 [+] Found 2 interesting headers. | Server: nginx/1.19.3 | X-Powered-By: PHP/5.6.40 [+] Joomla version 3.6.3 identified from admin manifest [!] Found 4 vulnerabilities affecting this version of Joomla! [!] Title: Remote Code Execution in third-party PHPMailer library | Reference: http://www.cvedetails.com/cve/CVE-2016-10033 | Reference: http://www.cvedetails.com/cve/CVE-2016-10045 [i] Fixed in: 3.6.5 [!] Title: Joomla! < 3.6.4 Privilege Escalation | Reference: http://www.cvedetails.com/cve/CVE-2016-9838 [i] Fixed in: 3.6.4 [!] Title: Shell Upload | Reference: http://www.cvedetails.com/cve/CVE-2016-9836 [i] Fixed in: 3.6.4 [!] Title: Information Disclosure | Reference: http://www.cvedetails.com/cve/CVE-2016-9837 [i] Fixed in: 3.6.4 [+] Scanning for vulnerable components... [!] Found 4 vulnerable components. ------------------------------------------------------------------ [+] Name: JoomGallery - v3.3.3 | Location: http://targetsite.com/administrator/components/com_joomgallery | Manifest: http://targetsite.com/administrator/components/com_joomgallery/joomgallery.xml | Description: JoomGallery 3 is a native Joomla! 3.x gallery component | Author: JoomGallery::ProjectTeam | Author URL: http://www.joomgallery.net [!] Title: Joomla 1.5.x com_joomgallery&func Incorrect Flood Filter | Reference: https://www.exploit-db.com/exploits/10312 ------------------------------------------------------------------ [+] Name: JCE - v2.3.1 | Location: http://targetsite.com/administrator/components/com_jce | Manifest: http://targetsite.com/administrator/components/com_jce/jce.xml | Description: WF_ADMIN_DESC | Author: Ryan Demmer | Author URL: www.joomlacontenteditor.net [!] Title: Joomla JCE Component (com_jce) Blind SQL Injection Vulnerability | Reference: https://www.exploit-db.com/exploits/17136 ------------------------------------------------------------------ [+] Name: - v0 | Location: http://targetsite.com/administrator/components/com_5starhotels | Manifest: http://targetsite.com/administrator/components/com_5starhotels/5starhotels.xml [!] Title: Joomla Component 5starhotels (id) SQL Injection Exploit | Reference: https://www.exploit-db.com/exploits/7575 ------------------------------------------------------------------ [+] Name: com_xmap - v2.3.4 | Location: http://targetsite.com/administrator/components/com_xmap | Manifest: http://targetsite.com/administrator/components/com_xmap/manifest.xml | Description: Xmap - Sitemap Generator for Joomla! | Author: Guillermo Vargas | Author URL: http://www.jooxmap.com [!] Title: Xmap 1.2.11 Joomla Component Blind SQL Injection | Reference: https://www.exploit-db.com/exploits/17525 ------------------------------------------------------------------ [+] Scanning for vulnerable modules... [!] Found 0 vulnerable modules. ------------------------------------------------------------------ [+] Scanning for vulnerable templates... [!] Found 0 vulnerable templates. ------------------------------------------------------------------ [+] Finished