Bug file Upload in " Joomla Component com_smartformer"

[ type attack ]
tamper data

[ dork ]
inurl:index.php?option=com_smartformer  inurl:itemid= intext:Upload

[ demo ]
http://www.goodarch2u.com.my/index.php?option=com_smartformer&Itemid=439&lang=en
http://www.finenge.com/en/index.php?option=com_smartformer&Itemid=90

[ shell location ]
site/components/com_smartformer/files/yournameshell.php

[ details ]
http://1337day.com/exploit/19825