CVE-2020-10238: Incorrect Access Control in com_templates- RCE
CVE-2020-10239: Incorrect Access Control in com_fields SQL field- RCE
https://developer.joomla.org/security-centre/804-20200303-core-incorrect-access-control-in-com-templates.html
https://developer.joomla.org/security-centre/806-20200305-core-incorrect-access-control-in-com-fields-sql-field.html
https://hoangkien1020.tech/index.php/2020/03/13/my-journey-to-find-out-joomlas-cvepart-1/
Guide to use docker such as:
docker pull hoangkien1020/joomla:hk
docker run -d --rm -it -p 8080:80 hoangkien1020/joomla:hk
#Step 3: Access your domain/IP with port 8080:
Inside this image with credentials
MySQL: root: root (can access via IP:8080/phpmyadmin)
superadmin:1234 (Super Users)
admin:1234 (Administrator)