IPB (Invision Power Board) Full Path Disclusure

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: IPB (Invision Power Board) Full Path Disclusure
From: security@xxxxxxxxx
Date: 19 Apr 2007 14:39:42 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

Hello

IPB (Invision Power Board) Full Path Disclusure

Discovered By : HACKERS PAL
Copy rights : HACKERS PAL
Website : http://www.soqor.net
Email Address : security@xxxxxxxxx

Tested on 2.1.X and 2.2.X Maybe Infected

ips_kernel/PEAR/Text/Diff3.php
ips_kernel/PEAR/Text/Diff/Renderer/unified.php
ips_kernel/PEAR/Text/Diff/Renderer/inline.php
sources/acp_loaders/acp_pages_components.php
sources/classes/bbcode/class_bbcode_legacy.php
sources/classes/bbcode/class_bbcode.php
sources/classes/editor/class_editor_std.php
sources/classes/editor/class_editor_rte.php
sources/classes/post/class_post_edit.php
sources/classes/post/class_post_new.php
sources/classes/post/class_post_reply.php
sources/lib/search_mysql_man.php
sources/lib/search_mysql_ftext.php
sources/sql/mysql_admin_queries.php
sources/sql/mysql_extra_queries.php
sources/sql/mysql_queries.php
sources/sql/mysql_subsm_queries.php
sources/loginauth/ldap/auth.php

And Many Other Files Are infected :)

# WwW.SoQoR.NeT

Prev by Date: Re: ZDI-07-020: BMC Performance Manager SNMP Command Execution Vulnerability
Next by Date: [waraxe-2007-SA#049] - Multiple vulnerabilities in Phorum 5.1.20
Previous by thread: CfP Hack.lu 2007
Next by thread: [waraxe-2007-SA#049] - Multiple vulnerabilities in Phorum 5.1.20
Index(es):
- Date
- Thread