Computer Security

Security Advisory: IPB (Invision Power Board) Full Path Disclusure
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  [Full-disclosure] freePBX 2.2.x's Music-on-hold Remote Code Execution Injection

  Eba News Version : v1.1 <=  (webpages.
php) Remote File Include // starhack.org

  NeatUpload vulnerability and fix

  [waraxe-2007-SA#049] - Multiple vulnerabilities in Phorum 5.1.20

From:HACKERS PAL <security_(at)_soqor.net>
Date:20.04.2007
Subject:IPB (Invision Power Board) Full Path Disclusure


Hello

IPB (Invision Power Board) Full Path Disclusure

Discovered By : HACKERS PAL
Copy rights : HACKERS PAL
Website : http://www.soqor.net
Email Address : security@soqor.net

Tested on 2.1.X and 2.2.X Maybe Infected

ips_kernel/PEAR/Text/Diff3.php
ips_kernel/PEAR/Text/Diff/Renderer/unified.php
ips_kernel/PEAR/Text/Diff/Renderer/inline.php
sources/acp_loaders/acp_pages_components.php
sources/classes/bbcode/class_bbcode_legacy.php
sources/classes/bbcode/class_bbcode.php
sources/classes/editor/class_editor_std.php
sources/classes/editor/class_editor_rte.php
sources/classes/post/class_post_edit.php
sources/classes/post/class_post_new.php
sources/classes/post/class_post_reply.php
sources/lib/search_mysql_man.php
sources/lib/search_mysql_ftext.php
sources/sql/mysql_admin_queries.php
sources/sql/mysql_extra_queries.php
sources/sql/mysql_queries.php
sources/sql/mysql_subsm_queries.php
sources/loginauth/ldap/auth.php

And Many Other Files Are infected :)

# WwW.SoQoR.NeT
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod
 


Rating@Mail.ru