Share
## https://sploitus.com/exploit?id=C3D11A34-FA82-5BE0-9424-C79C09C0A169
# Joomla Unauthenticated Information Disclosure Exploit (CVE-2023-23752)

#### Exploit

## <u>Description</u>
This repository contains an exploit for a vulnerability named "Joomla Unauthenticated Information Disclosure" (CVE-2023-23752). Please note that this is merely a proof-of-concept script created for educational purposes and should be used responsibly.

This exploit is designed to demonstrate how an unauthenticated information disclosure vulnerability could potentially be exploited.


### <u>Disclaimer</u>
This repository is intended for educational purposes only. Do not use this code or any information contained within for malicious purposes. Always follow ethical guidelines and respect the law.

Usage:

    python3 juid.py [option] URL

Example:

    python3 juid.py -a http://vulnerable-website.com

Options:

    -u  dump users

    -U  dump users in full JSON format

    -c  dump configs

    -C  dump configs in full JSON format

    -a  dump users and configs

    -A  dump users and configs in full JSON format


Prerequisites:
>• A local development environment
>
>• Python installed (python version should be 3.10 or higher)
>
>• To run this exploit, you can follow these steps:

  

Clone this repository to your local machine.

```
git clone https://github.com/AlissoftCodes/CVE-2023-23752.git
```

Navigate to the project directory.

```
cd CVE-2023-23752
```

  

Run the juid.py script.

```
python3 juid.py -a http://vulnerable-website.com
```

  

###### Please remember that this exploit should never be used against real software or systems you're not authorized to test. Unauthorized access or any malicious activity is illegal.

  

#### <u>License</u>
_This exploit is released under the MIT License. You can find more information about this in the LICENSE file._

  

# Author: Alisson Faoli

#### Github: https://github.com/AlissoftCodes
#### LinkedIn: https://linkedin.com/in/alisson-faoli

  

<b>If you have any questions or concerns about this exploit, please feel free to contact the author</b>