>include("../../../mainfile.php");
>
>include($phpbb_root_path.'common.'.$phpEx);
>
>...
>
>in mainfile.php at lines 54-56
>
>...
>
>import_request_variables('GPC');
Oh, OK - now that makes sense. This looks like one aspect of the
"globals overwrite" problem as originally documented by Stefan
Yeah,its so weird. vulnerable code in pagestart.php at line 68.
http://victim/modules/Forums/admin/admin_styles.php?phpbb_root_path=2
Warning: main(2common.php): failed to open stream: No such file or directory in
C:\Inetpub\vhosts\victim\httpdocs\modules\Forums\admin\pagestart.php on line 68
J
in all mentioned files we have:
...
$phpbb_root_path = "./../";
require($phpbb_root_path . 'extension.inc');
...
so I would like to see how this can work...
