###################################################################################
RSform!Pro <= 1.3.0 - Remote Shell Upload Vulnerability
 
[-] Author: Ibrahim Raafat
[-] Twitter: https://twitter.com/RaafatSEC
[-] Reported to vendor : 7 September 2014
[-] Response: Extremely old
 
[+] Details:

Upload shell.php.zip from the form and the shell will be uploaded to the server on this path

/components/com_rsform/uploads/ 

and it will be executable

May be another versions are vulnerable also to the same vulnerability


=> There is a reflected XSS Vulnerability in the form .. Birth_date parameter
</script><script>alert(1337)<script>


###################################################################################