Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

SimpleBBS v1.1(posts.php) remote command execution

From: stormhacker () hotmail com
Date: 12 Apr 2006 23:28:20 -0000
[W]orld [D]efacers Team
======================================
--------------------Summary----------------
eVuln ID: WD10
Vendor: SimpleBBS 
Vendor's Web Site: www.simplemedia.org
Software: SimpleBBS Forums
Sowtware's Web Site: www.simplemedia.org
Versions: v1.1 v 1.0.*
Class: Remote
PoC/Exploit: Available
Solution: Not Available
Discovered by: rUnViRuS (worlddefacers.de)
-----------------Description---------------
posts.php File command execution
$cmd

--------------PoC/Exploit----------------------
http://www.worlddefacers.de/Public/WD-SMPL.txt
--------------Solution---------------------
No Patch available.

--------------Credit-----------------------
Discovered by: rUnViRuS (worlddefacers.de)

-------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: