TUCoPS :: Web BBS :: Frequently Exploited :: b06-4668.htm

phpBB XS 0.58 Remote File Include
AzzCoder => phpBB XS 0.58 Remote File Include
AzzCoder => phpBB XS 0.58 Remote File Include



A important vulnerability into functions.php will allow a malicious user to insert a remote file.=0D
=0D
The Vulnerable Code:=0D
=0D
include_once( $phpbb_root_path . './includes/functions_categories_hierarchy.' . $phpEx );=0D
=0D
(The phpbb_root_path isn't initialize and PHPBB_IN isn't checked)

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH