[VIM] true: Request It : Song Request System 1.0b RFI

Steven M. Christey coley at mitre.org
Thu Apr 12 18:17:03 UTC 2007

Previous message: [VIM] true: SimpCMS Light RFI
Next message: [VIM] probably false: xodagallery execution claim
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Researcher: hackberry.ath.cx
Ref: Request It : Song Request System 1.0b - remote file inclusion
     http://www.securityfocus.com/archive/1/archive/1/465081/100/0/threaded


Source inspection confirmed this: if(isset($id)) { if($id == 'home') {
$id = "list"; } include($id.".php"); }

- Steve

Previous message: [VIM] true: SimpCMS Light RFI
Next message: [VIM] probably false: xodagallery execution claim
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the VIM mailing list