Joomla 3.4.4 – 3.6.4 – Account Creation / Privilege Escalation PoC + Metasploit Framework exploitation. This exploit is avilable public on :

https://www.exploit-db.com/exploits/40637/

This exploit NOT work in Joomla 1.5 !!!

Dont use on sites that you dont have permission to test it ! Its ilegal !

source