PHP Nuke Nederland
  
•   Home  •  Downloads  •  Your Account  •  Forums  •
PHP-Nuke Nederland: Forums

PHP-Nuke Nederland :: View topic - [Fix] - phpbb_root_path Arbitrary File Inclusion (Critical)
 Forum FAQ  •   Search   •  Memberlist  •  Usergroups   •  Register   •    •  Profile  •  Log in to check your private messages  •  Log in

[Fix] - phpbb_root_path Arbitrary File Inclusion (Critical)
 
Post new topicReply to topic PHP-Nuke Nederland Forum Index » Bugs / Fixes
View previous topic Log in to check your private messages View next topic
Author Message
kenwood
Moderator
Moderator


Joined: Sep 07, 2004
Posts: 246
PostPosted: Sat 07 May 2005 3:51 Reply with quoteBack to top
Fix voor BBtoNuke 2.0.14

Open modules/Forums/admin/pagestart.php and find:

Code:

 define('FORUM_ADMIN', true);
 include("../../../mainfile.php");
 include($phpbb_root_path.'common.'.$phpEx);
 



Replace with:

Code:

 define('FORUM_ADMIN', true);
 define("PHPBB_ROOT_PATH", $phpbb_root_path);
 define("PHPBB_PHPEX", $phpEx);
 include("../../../mainfile.php");
 $phpbb_root_path = PHPBB_ROOT_PATH;
 $phpEx = PHPBB_PHPEX;
 include($phpbb_root_path.'common.'.$phpEx);
 



Original advisory: http://secunia.com/advisories/15244/
View user's profileSend private message
BlueLion
Administrator
Administrator


Joined: Aug 21, 2004
Posts: 2836
PostPosted: Sat 07 May 2005 6:40 Reply with quoteBack to top
Thx, kenwood. Ben er nog niet helemaal achter wat dit doet/verhelpt.


BL
View user's profileSend private messageSend e-mailVisit poster's website
Display posts from previous:      
 Donaties   Adverteren 
Wilt u het forum steunen, dan kunt u nu eenvoudig doneren met PayPal.
Post new topicReply to topic PHP-Nuke Nederland Forum Index » Bugs / Fixes
View previous topic Log in to check your private messages View next topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group

Web site powered by PHP-Nuke

All logos and trademarks in this site are property of their respective owner. The comments are property of their posters, all the rest © 2004-2008 by BlueLion.
SEO enhanced with the Sitemapper script
You can syndicate our news using the file backend.php or ultramode.txt
Powered by PHP Powered by MySQL Apache Webserver Valid robots.txt
PHP-Nuke Copyright © 2004 by Francisco Burzi. This is free software, and you may redistribute it under the GPL. PHP-Nuke comes with absolutely no warranty, for details, see the license.
Pagina rendering: 0.08 seconden


[Valid News RSS]

RSS Feeds:
[RSS 2.0 News Feed]
[RSS 2.0 Download Feed]
[RSS 2.0 Forum Feed]
[RSS 2.0 Link Feed]
:: fisubsilver shadow phpbb2 style by Daz :: PHP-Nuke theme by BlueLion ::