Related information Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) Haberx v1.1 (tr) SQL Injection Vulnerability BolinOS v.4.5.5 <= (gBRootPath) Remote File Include Vulnerability XSS vulnerability in Blojsom Magic News Pro => 1.0.3 (script_path) Remote File Inclusion Exploit From:hack2prison_(at)_yahoo.com <hack2prison_(at)_yahoo.com> Date:15.09.2006Subject:Fullpath disclosure in Blue Magic Board 5.5Blue Magic Board (BMB) is nice forum system written by http://bmforum.com Some file error and show fullpath. I test newest version, maybe all older versions are infected. http://domain.ext/[bmb_path]/footer.php http://domain.ext/[bmb_path]/header.php http://domain.ext/[bmb_path]/include/db/db_mysql_error.php http://domain.ext/[bmb_path]/datafile/langlist.php http://domain.ext/[bmb_path]/datafile/sendmail.php http://domain.ext/[bmb_path]/datafile/style.php This was reported Admin but haven't received reply yet.
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Haberx v1.1 (tr) SQL Injection Vulnerability
BolinOS v.4.5.5 <= (gBRootPath) Remote File Include Vulnerability
XSS vulnerability in Blojsom
Magic News Pro => 1.0.3 (script_path) Remote File Inclusion Exploit
