BugTraq
Back to list
|
Post reply
Fullpath disclosure in Blue Magic Board 5.5
Sep 14 2006 02:45AM
hack2prison yahoo com
Blue Magic Board (BMB) is nice forum system written by http://bmforum.com
Some file error and show fullpath. I test newest version, maybe all older versions are infected.
http://domain.ext/[bmb_path]/footer.php
http://domain.ext/[bmb_path]/header.php
http://domain.ext/[bmb_path]/include/db/db_mysql_error.php
http://domain.ext/[bmb_path]/datafile/langlist.php
http://domain.ext/[bmb_path]/datafile/sendmail.php
http://domain.ext/[bmb_path]/datafile/style.php
This was reported Admin but haven't received reply yet.
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
Some file error and show fullpath. I test newest version, maybe all older versions are infected.
http://domain.ext/[bmb_path]/footer.php
http://domain.ext/[bmb_path]/header.php
http://domain.ext/[bmb_path]/include/db/db_mysql_error.php
http://domain.ext/[bmb_path]/datafile/langlist.php
http://domain.ext/[bmb_path]/datafile/sendmail.php
http://domain.ext/[bmb_path]/datafile/style.php
This was reported Admin but haven't received reply yet.
[ reply ]