The Joomla File Uploader component suffers from a shell upload vulnerability.
eebd755ccb2bf6671987d607aac7a893809e50536a2a932a91198ac35a905883
###
# Title : Joomla Component (com_fileuploader) Upload File Vulnerability
# Author : KedAns-Dz
# E-mail : ked-h@hotmail.com
# Home : HMD/AM (30008/04300) - Algeria -(00213555248701)
# Twitter page : twitter.com/kedans
# platform : php
# Impact : Upload File Vulnerability
# Tested on : Windows XP sp3 FR
###
# Note : BAC 2011 Enchallah ( Me & BadR0 & Dr.Ride & Red1One & XoreR & Fox-Dz ... all )
###
# Go0gle Dork : inurl:com_fileuploader
###
# Demo : http://[TARGET]/[PATH]/index.php?option=com_fileuploader&view=fileuploader&Itemid=7
# Example : http://www.aziz-rehman.com/index.php?option=com_fileuploader&view=fileuploader&Itemid=7
# Exploit :
1 - Goto Upload Page .../index.php?option=com_fileuploader&view=fileuploader&Itemid=7
2 - Upload Shell .txt .jpg ... etc
#================[ Exploited By KedAns-Dz * HST-Dz * ]=========================
# GreetZ to : Islampard * Dr.Ride * Zaki.Eng * BadR0 * NoRo FouinY * Red1One
# XoreR * Mr.Dak007 * Hani * TOnyXED * Fox-Dz * Massinhou-Dz ++ all my friends ;
# > Algerians < [D] HaCkerS-StreeT-Team [Z] > Hackers <
# My Friends on Facebook : Nayla Festa * Dz_GadlOl * MatmouR13 ...all Others
# 4nahdha.com : TitO (Dr.Ride) * MEN_dz * Mr.LAK (Administrator) * all members ...
# sec4ever.com members Dz : =>>
# Ma3sTr0-Dz * Indoushka * MadjiX * BrOx-Dz * JaGo-Dz ... all Others
# hotturks.org : TeX * KadaVra ... all Others
# Kelvin.Xgr ( kelvinx.net)
#===========================================================================