[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

AzzCoder => phpBB XS 0.58 Remote File Include

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: AzzCoder => phpBB XS 0.58 Remote File Include
From: azzcoder@xxxxxxxxxxx
Date: 12 Sep 2006 00:35:44 -0000

A important vulnerability into functions.php will allow a malicious user to 
insert a remote file.

The Vulnerable Code:

include_once( $phpbb_root_path . './includes/functions_categories_hierarchy.' . 
$phpEx );

(The phpbb_root_path isn't initialize and PHPBB_IN isn't checked)

Prev by Date: WTools v0.0.1-ALPH - Remote File Include Vulnerabilities
Next by Date: rPSA-2006-0167-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs
Previous by thread: WTools v0.0.1-ALPH - Remote File Include Vulnerabilities
Next by thread: rPSA-2006-0167-1 xorg-x11 xorg-x11-fonts xorg-x11-tools xorg-x11-xfs
Index(es):
- Date
- Thread