


Category:   Application (Forum/Board/Portal)  >   phpBB
Vendors:   phpBB Group
phpBB 'oracle.php' Discloses Path to Remote Users
SecurityTracker Alert ID:  1013377
SecurityTracker URL:
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  Mar 5 2005
Impact:   Disclosure of system information
Exploit Included:  Yes  
Version(s): 2.0.13 and prior versions
Description:   A vulnerability was reported in phpBB in 'oracle.php'. A remote user can determine the installation path.

A remote user can directly access 'phpBB/db/oracle.php' to cause the system to display an error message that discloses the installation path.

HaCkZaTaN of [N]eo [S]ecurity [T]eam reported this vulnerability.

Impact:   A remote user can determine the installation path.
Solution:   No solution was available at the time of this entry.
Vendor URL:
Cause:   Exception handling error
Underlying OS:  Linux (Any), UNIX (Any), Windows (Any)

Message History:   None.

 Source Message Contents

Subject:  -==phpBB 2.0.13 Full path disclosure==-

Program:  phpBB 2.0.13
Vulnerable Versions: phpBB 2.0.13 & Lower versions
Risk: Low Risk!!
Impact: Full path disclosure

         -==phpBB 2.0.13 Full path disclosure==-

- Description
phpBB is a high powered, fully scalable, and highly customizable
Open Source bulletin board package. phpBB has a user-friendly
interface, simple and straightforward administration panel, and
helpful FAQ. Based on the powerful PHP server language and your
choice of MySQL, MS-SQL, PostgreSQL or Access/ODBC database servers,
phpBB is the ideal free community solution for all web sites.

- Tested
localhost & many forums

- Exploitation

Fatal error: Cannot redeclare sql_nextid() in /home/weblord/phpBB/db/oracle.php on line 405

I know it is stupid!!!
Line 405
	function sql_nextid($query_id = 0)
			$query_id = $this->query_result;

OK, if I am not right, I think a quick patch will be erasing lines 405 to 438,
because it is repeating the same function twice, as the fatal error says: "Cannot redeclare sql_nextid()"
function sql_nextid($query_id = 0) << Is repeated twice.

- Exploit
Not necessary!!
- Solutions
Not Yet xD

- References

- Credits
Discovered by HaCkZaTaN <>

Got Questions? #neosecurityteam

- Greets

           And my Colombian people
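
A defender-side check for the condition this entry describes, as an added example (not part of the advisory, the source message or phpBB): it scans a response body captured from your own site for PHP error lines that expose an absolute path, and shows what an outsider learns from one. The function names, the regex and the HTML-formatted sample are assumptions; the plain sample is the error line quoted in the message above.

```python
import re
from html import unescape

# Shape of a PHP error line: "<level>: <message> in <file> on line <n>".
# Only absolute paths (POSIX or Windows drive letter) count as a disclosure.
PHP_ERROR = re.compile(
    r"(?P<level>Fatal error|Parse error|Warning|Notice)\s*:\s+"
    r"(?P<message>.+?)\s+in\s+"
    r"(?P<file>(?:/|[A-Za-z]:[\\/])\S.*?)\s+on line\s+(?P<line>\d+)"
)
TAGS = re.compile(r"<[^>]+>")

# Error line as quoted in the source message.
SAMPLE_PLAIN = ("Fatal error: Cannot redeclare sql_nextid() in "
                "/home/weblord/phpBB/db/oracle.php on line 405")
# Constructed: the same error as PHP renders it when html_errors is on.
SAMPLE_HTML = ("<br />\n<b>Fatal error</b>:  Cannot redeclare sql_nextid() in "
               "<b>/home/weblord/phpBB/db/oracle.php</b> on line <b>405</b><br />")


def find_path_disclosures(body):
    """Return one dict per PHP error in `body` that exposes an absolute path."""
    text = unescape(TAGS.sub("", body))  # drop html_errors markup first
    return [
        {
            "level": m.group("level"),
            "message": m.group("message"),
            "file": m.group("file"),
            "line": int(m.group("line")),
        }
        for m in PHP_ERROR.finditer(text)
    ]


def install_root(path, script="db/oracle.php"):
    """Strip the known relative script path: what remains is the install root."""
    norm = path.replace("\\", "/")
    if not norm.endswith("/" + script):
        return None
    return norm[: -len(script)].rstrip("/")


if __name__ == "__main__":
    for sample in (SAMPLE_PLAIN, SAMPLE_HTML):
        for hit in find_path_disclosures(sample):
            print(hit["level"], hit["file"], hit["line"], install_root(hit["file"]))
```
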




Copyright 2021, LLC