cve/2023/CVE-2023-23752.md

### [CVE-2023-23752](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23752)
![](https://img.shields.io/static/v1?label=Product&message=Joomla!%20CMS&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%204.0.0-4.2.7%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=ACL&color=brighgreen)

### Description

An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/0day404/vulnerability-poc
- https://github.com/0x783kb/Security-operation-book
- https://github.com/0xNahim/CVE-2023-23752
- https://github.com/0xWhoami35/CVE-2023-23752
- https://github.com/0xWhoami35/Devvorte-Writeup
- https://github.com/0xsyr0/OSCP
- https://github.com/0xx01/CVE-2023-23752
- https://github.com/20142995/Goby
- https://github.com/20142995/pocsuite3
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/ATIGNONWilliam/-Joomla-v4.2.8---Divulgation-d-informations-non-authentifi-es
- https://github.com/Acceis/exploit-CVE-2023-23752
- https://github.com/AkbarWiraN/Joomla-Scanner
- https://github.com/AlissoftCodes/CVE-2023-23752
- https://github.com/AlissonFaoli/CVE-2023-23752
- https://github.com/Anekant-Singhai/Exploits
- https://github.com/Archan6el/Devvortex-Writeup
- https://github.com/Archan6el/Devvortex-Writeup-HackTheBox
- https://github.com/BearClaw96/Joomla-v4.x-Unauthenticated-information-disclosure
- https://github.com/BugBlocker/lotus-scripts
- https://github.com/C1ph3rX13/CVE-2023-23752
- https://github.com/CLincat/vulcat
- https://github.com/CVEDB/PoC-List
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/CVEDB/top
- https://github.com/Fernando-olv/Joomla-CVE-2023-23752
- https://github.com/Ge-Per/Scanner-CVE-2023-23752
- https://github.com/Gerxnox/One-Liner-Collections
- https://github.com/GhostToKnow/CVE-2023-23752
- https://github.com/H454NSec/CVE-2023-23752
- https://github.com/Henry4E36/POCS
- https://github.com/Jenderal92/Joomla-CVE-2023-23752
- https://github.com/JeneralMotors/CVE-2023-23752
- https://github.com/JohnDoeAnonITA/CVE-2023-23752
- https://github.com/K3ysTr0K3R/CVE-2023-23752-EXPLOIT
- https://github.com/K3ysTr0K3R/K3ysTr0K3R
- https://github.com/KayCHENvip/vulnerability-poc
- https://github.com/Ly0kha/Joomla-CVE-2023-23752-Exploit-Script
- https://github.com/Marco-zcl/POC
- https://github.com/MrP4nda1337/CVE-2023-23752
- https://github.com/Ostorlab/KEV
- https://github.com/Pari-Malam/CVE-2023-23752
- https://github.com/Pari-Malam/DorkerW-CVE-2023-23752
- https://github.com/Pushkarup/CVE-2023-23752
- https://github.com/Rival420/CVE-2023-23752
- https://github.com/RootKRD/CVE-2023
- https://github.com/Saboor-Hakimi/CVE-2023-23752
- https://github.com/SenukDias/OSCP_cheat
- https://github.com/SrcVme50/Devvortex
- https://github.com/Sweelg/CVE-2023-23752
- https://github.com/ThatNotEasy/CVE-2023-23752
- https://github.com/Threekiii/Awesome-POC
- https://github.com/Threekiii/CVE
- https://github.com/Threekiii/Vulhub-Reproduce
- https://github.com/TindalyTn/CVE-2023-23752
- https://github.com/Vulnmachines/joomla_CVE-2023-23752
- https://github.com/WhiteOwl-Pub/CVE-2023-23752
- https://github.com/WhiteOwl-Pub/Joomla-PoC-CVE-2023-23752
- https://github.com/XRSec/AWVS-Update
- https://github.com/Youns92/Joomla-v4.2.8---CVE-2023-23752
- https://github.com/YusinoMy/CVE-2023-23752
- https://github.com/abrahim7112/Vulnerability-checking-program-for-Android
- https://github.com/adhikara13/CVE-2023-23752
- https://github.com/adriyansyah-mf/CVE-2023-23752
- https://github.com/aliestercrowleymv/CVE-2023-23752-Vulnerability-Scanner
- https://github.com/bakery312/Vulhub-Reproduce
- https://github.com/cybernetwiz/CVE-2023-23752
- https://github.com/d4n-sec/d4n-sec.github.io
- https://github.com/dravenww/curated-article
- https://github.com/equationsoftworks/Radiance
- https://github.com/fardeen-ahmed/Bug-bounty-Writeups
- https://github.com/gh1mau/nse
- https://github.com/gibran-abdillah/CVE-2023-23752
- https://github.com/gunzf0x/CVE-2023-23752
- https://github.com/hadrian3689/CVE-2023-23752_Joomla
- https://github.com/haxor1337x/Mass-Checker-CVE-2023-23752
- https://github.com/hktalent/TOP
- https://github.com/ibaiw/joomla_CVE-2023-23752
- https://github.com/ifacker/CVE-2023-23752-Joomla
- https://github.com/imnewbie1/JoomlaDB
- https://github.com/izj007/wechat
- https://github.com/k0valskia/CVE-2023-23752
- https://github.com/k8gege/Ladon
- https://github.com/karthikuj/CVE-2023-23752-Docker
- https://github.com/keyuan15/CVE-2023-23752
- https://github.com/lainonz/CVE-2023-23752
- https://github.com/luck-ying/Goby2.0-POC
- https://github.com/luck-ying/Library-POC
- https://github.com/malionnn/-Joomla-v4.2.8---Divulgation-d-informations-non-authentifi-es
- https://github.com/mariovata/CVE-2023-23752-Python
- https://github.com/mil4ne/CVE-2023-23752-Joomla-v4.2.8
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/nu0y4/HScan
- https://github.com/r3dston3/CVE-2023-23752
- https://github.com/raystr-atearedteam/CVE2023-23752
- https://github.com/shellvik/CVE-2023-23752
- https://github.com/soryecker/HScan
- https://github.com/sponkmonk/Ladon_english_update
- https://github.com/svaltheim/CVE-2023-23752
- https://github.com/sw0rd1ight/CVE-2023-23752
- https://github.com/thecybertix/One-Liner-Collections
- https://github.com/trganda/dockerv
- https://github.com/txuswashere/OSCP
- https://github.com/wangking1/CVE-2023-23752-poc
- https://github.com/whoami13apt/files2
- https://github.com/wibuheker/Joomla-CVE-2023-23752
- https://github.com/wjlin0/poc-doc
- https://github.com/wy876/POC
- https://github.com/xingchennb/POC-
- https://github.com/yTxZx/CVE-2023-23752
- https://github.com/yusinomy/CVE-2023-23752
- https://github.com/z3n70/CVE-2023-23752
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2023-23752](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-23752)`
			`![](https://img.shields.io/static/v1?label=Product&message=Joomla!%20CMS&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=%3D%204.0.0-4.2.7%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=ACL&color=brighgreen)`

			`### Description`

			`An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints.`

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
Update CVE sources 2024-05-28 08:49 2024-05-28 08:49:17 +00:00			`- https://github.com/0day404/vulnerability-poc`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/0x783kb/Security-operation-book`
			`- https://github.com/0xNahim/CVE-2023-23752`
Update CVE sources 2024-05-28 08:49 2024-05-28 08:49:17 +00:00			`- https://github.com/0xWhoami35/CVE-2023-23752`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/0xWhoami35/Devvorte-Writeup`
Update CVE sources 2024-06-07 04:52 2024-06-07 04:52:01 +00:00			`- https://github.com/0xsyr0/OSCP`
Update CVE sources 2024-06-10 07:22 2024-06-10 07:22:43 +00:00			`- https://github.com/0xx01/CVE-2023-23752`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/20142995/Goby`
			`- https://github.com/20142995/pocsuite3`
			`- https://github.com/ARPSyndicate/cvemon`
			`- https://github.com/ARPSyndicate/kenzer-templates`
			`- https://github.com/ATIGNONWilliam/-Joomla-v4.2.8---Divulgation-d-informations-non-authentifi-es`
			`- https://github.com/Acceis/exploit-CVE-2023-23752`
			`- https://github.com/AkbarWiraN/Joomla-Scanner`
			`- https://github.com/AlissoftCodes/CVE-2023-23752`
Update CVE sources 2024-05-28 08:49 2024-05-28 08:49:17 +00:00			`- https://github.com/AlissonFaoli/CVE-2023-23752`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/Anekant-Singhai/Exploits`
			`- https://github.com/Archan6el/Devvortex-Writeup`
			`- https://github.com/Archan6el/Devvortex-Writeup-HackTheBox`
			`- https://github.com/BearClaw96/Joomla-v4.x-Unauthenticated-information-disclosure`
			`- https://github.com/BugBlocker/lotus-scripts`
			`- https://github.com/C1ph3rX13/CVE-2023-23752`
Update CVE sources 2024-06-22 09:37 2024-06-22 09:37:59 +00:00			`- https://github.com/CLincat/vulcat`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/CVEDB/PoC-List`
			`- https://github.com/CVEDB/awesome-cve-repo`
			`- https://github.com/CVEDB/top`
			`- https://github.com/Fernando-olv/Joomla-CVE-2023-23752`
			`- https://github.com/Ge-Per/Scanner-CVE-2023-23752`
			`- https://github.com/Gerxnox/One-Liner-Collections`
			`- https://github.com/GhostToKnow/CVE-2023-23752`
			`- https://github.com/H454NSec/CVE-2023-23752`
			`- https://github.com/Henry4E36/POCS`
			`- https://github.com/Jenderal92/Joomla-CVE-2023-23752`
			`- https://github.com/JeneralMotors/CVE-2023-23752`
Update CVE sources 2024-05-28 08:49 2024-05-28 08:49:17 +00:00			`- https://github.com/JohnDoeAnonITA/CVE-2023-23752`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/K3ysTr0K3R/CVE-2023-23752-EXPLOIT`
Update CVE sources 2024-05-28 08:49 2024-05-28 08:49:17 +00:00			`- https://github.com/K3ysTr0K3R/K3ysTr0K3R`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/KayCHENvip/vulnerability-poc`
			`- https://github.com/Ly0kha/Joomla-CVE-2023-23752-Exploit-Script`
			`- https://github.com/Marco-zcl/POC`
			`- https://github.com/MrP4nda1337/CVE-2023-23752`
			`- https://github.com/Ostorlab/KEV`
			`- https://github.com/Pari-Malam/CVE-2023-23752`
			`- https://github.com/Pari-Malam/DorkerW-CVE-2023-23752`
			`- https://github.com/Pushkarup/CVE-2023-23752`
			`- https://github.com/Rival420/CVE-2023-23752`
			`- https://github.com/RootKRD/CVE-2023`
			`- https://github.com/Saboor-Hakimi/CVE-2023-23752`
Update CVE sources 2024-08-05 18:41 2024-08-05 18:41:32 +00:00			`- https://github.com/SenukDias/OSCP_cheat`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/SrcVme50/Devvortex`
			`- https://github.com/Sweelg/CVE-2023-23752`
			`- https://github.com/ThatNotEasy/CVE-2023-23752`
			`- https://github.com/Threekiii/Awesome-POC`
			`- https://github.com/Threekiii/CVE`
			`- https://github.com/Threekiii/Vulhub-Reproduce`
			`- https://github.com/TindalyTn/CVE-2023-23752`
			`- https://github.com/Vulnmachines/joomla_CVE-2023-23752`
			`- https://github.com/WhiteOwl-Pub/CVE-2023-23752`
			`- https://github.com/WhiteOwl-Pub/Joomla-PoC-CVE-2023-23752`
			`- https://github.com/XRSec/AWVS-Update`
			`- https://github.com/Youns92/Joomla-v4.2.8---CVE-2023-23752`
			`- https://github.com/YusinoMy/CVE-2023-23752`
			`- https://github.com/abrahim7112/Vulnerability-checking-program-for-Android`
			`- https://github.com/adhikara13/CVE-2023-23752`
			`- https://github.com/adriyansyah-mf/CVE-2023-23752`
			`- https://github.com/aliestercrowleymv/CVE-2023-23752-Vulnerability-Scanner`
			`- https://github.com/bakery312/Vulhub-Reproduce`
			`- https://github.com/cybernetwiz/CVE-2023-23752`
			`- https://github.com/d4n-sec/d4n-sec.github.io`
			`- https://github.com/dravenww/curated-article`
			`- https://github.com/equationsoftworks/Radiance`
			`- https://github.com/fardeen-ahmed/Bug-bounty-Writeups`
			`- https://github.com/gh1mau/nse`
			`- https://github.com/gibran-abdillah/CVE-2023-23752`
			`- https://github.com/gunzf0x/CVE-2023-23752`
			`- https://github.com/hadrian3689/CVE-2023-23752_Joomla`
			`- https://github.com/haxor1337x/Mass-Checker-CVE-2023-23752`
			`- https://github.com/hktalent/TOP`
			`- https://github.com/ibaiw/joomla_CVE-2023-23752`
			`- https://github.com/ifacker/CVE-2023-23752-Joomla`
			`- https://github.com/imnewbie1/JoomlaDB`
			`- https://github.com/izj007/wechat`
			`- https://github.com/k0valskia/CVE-2023-23752`
			`- https://github.com/k8gege/Ladon`
			`- https://github.com/karthikuj/CVE-2023-23752-Docker`
			`- https://github.com/keyuan15/CVE-2023-23752`
			`- https://github.com/lainonz/CVE-2023-23752`
			`- https://github.com/luck-ying/Goby2.0-POC`
			`- https://github.com/luck-ying/Library-POC`
			`- https://github.com/malionnn/-Joomla-v4.2.8---Divulgation-d-informations-non-authentifi-es`
Update CVE sources 2024-05-28 08:49 2024-05-28 08:49:17 +00:00			`- https://github.com/mariovata/CVE-2023-23752-Python`
Update CVE sources 2024-06-10 07:22 2024-06-10 07:22:43 +00:00			`- https://github.com/mil4ne/CVE-2023-23752-Joomla-v4.2.8`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/nomi-sec/PoC-in-GitHub`
Update CVE sources 2024-05-28 08:49 2024-05-28 08:49:17 +00:00			`- https://github.com/nu0y4/HScan`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/r3dston3/CVE-2023-23752`
			`- https://github.com/raystr-atearedteam/CVE2023-23752`
			`- https://github.com/shellvik/CVE-2023-23752`
			`- https://github.com/soryecker/HScan`
			`- https://github.com/sponkmonk/Ladon_english_update`
			`- https://github.com/svaltheim/CVE-2023-23752`
			`- https://github.com/sw0rd1ight/CVE-2023-23752`
			`- https://github.com/thecybertix/One-Liner-Collections`
			`- https://github.com/trganda/dockerv`
			`- https://github.com/txuswashere/OSCP`
			`- https://github.com/wangking1/CVE-2023-23752-poc`
Update CVE sources 2024-05-28 08:49 2024-05-28 08:49:17 +00:00			`- https://github.com/whoami13apt/files2`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/wibuheker/Joomla-CVE-2023-23752`
Update CVE sources 2024-05-28 08:49 2024-05-28 08:49:17 +00:00			`- https://github.com/wjlin0/poc-doc`
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`- https://github.com/wy876/POC`
			`- https://github.com/xingchennb/POC-`
			`- https://github.com/yTxZx/CVE-2023-23752`
			`- https://github.com/yusinomy/CVE-2023-23752`
			`- https://github.com/z3n70/CVE-2023-23752`