Bugtraq mailing list archives
Re: AzzCoder => PNphpBB (Latest) Remote File Include
From: str0ke <str0ke () milw0rm com>
Date: Thu, 21 Sep 2006 11:16:20 -0500
Carsten, The vulnerability is in version 1.2g and below. Source code : http://prdownloads.sourceforge.net/pnphpbb2/ Vulnerability: <?php /*************************************************************************** * functions_admin.php * ------------------- * begin : Saturday, Feb 13, 2001 * copyright : (C) 2001 The phpBB Group * email : support () phpbb com * * $Id: functions_admin.php,v 1.2 2004/08/29 21:59:05 carls Exp $ * * ***************************************************************************/ /*************************************************************************** * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * ***************************************************************************/ // Begin PNphpBB2 Categories Hierarchie Mod include_once( $phpbb_root_path . 'includes/functions.' . $phpEx ); Best Regards, /str0ke
Current thread:
- AzzCoder => PNphpBB (Latest) Remote File Include azzcoder (Sep 18)
- Re: AzzCoder => PNphpBB (Latest) Remote File Include Carsten Eilers (Sep 21)
- Re: AzzCoder => PNphpBB (Latest) Remote File Include str0ke (Sep 21)
- Re: AzzCoder => PNphpBB (Latest) Remote File Include Carsten Eilers (Sep 21)
- Re: AzzCoder => PNphpBB (Latest) Remote File Include str0ke (Sep 21)
- <Possible follow-ups>
- Re: AzzCoder => PNphpBB (Latest) Remote File Include Carsten Eilers (Sep 21)
- Re: AzzCoder => PNphpBB (Latest) Remote File Include Carsten Eilers (Sep 21)