Bugtraq mailing list archives
AzzCoder => phpBB XS 0.58 Remote File Include
From: azzcoder () hotmail com
Date: 12 Sep 2006 00:35:44 -0000
A important vulnerability into functions.php will allow a malicious user to insert a remote file. The Vulnerable Code: include_once( $phpbb_root_path . './includes/functions_categories_hierarchy.' . $phpEx ); (The phpbb_root_path isn't initialize and PHPBB_IN isn't checked)
Current thread:
- AzzCoder => phpBB XS 0.58 Remote File Include azzcoder (Sep 12)