[VIM] true: fuzzylime (cms) path traversal

Steven M. Christey coley at mitre.org
Tue Sep 11 16:38:20 UTC 2007

Previous message: [VIM] MIL 4383
Next message: [VIM] Milw0rm 4392 - CVE-2007-3997 [Dupe]
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Ref: http://www.milw0rm.com/exploits/4378
Researcher: [wHITe_ShEEp] of notsec

The source code download has:

  $p = $_POST[p];
  ...
  include "../gallery/$p.inc.php";

- Steve

Previous message: [VIM] MIL 4383
Next message: [VIM] Milw0rm 4392 - CVE-2007-3997 [Dupe]
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the VIM mailing list