Pligg 2.0.1 SQL Injection / Command Execution

!/usr/bin/python Exploit Title: Pligg useremail; 62. $subject = $mainsmarty-getconfigvars"PLIGGVisualName".' '.$mainsmarty-getconfigvars"PLIGGPassEmailSubject"; 63. 64. $body = sprintf 65. $mainsmarty-getconfigvars"PLIGGPassEmailPassBody", 66. $mainsmarty-getconfigvars"PLIGGVisualName", 67...