[VIM] Source VERIFY of pSlash 0.7 file include
Steven M. Christey
coley at mitre.org
Fri Aug 25 19:45:12 EDT 2006
http://www.milw0rm.com/exploits/2249
I downloaded 0.70 from SourceForge. It's dated June 2001, by the way.
Anyway, the first PHP statements in the file
modules/visitors2/include/config.inc.php are:
// language
if (!$ignore_messages)
{
include($lvc_include_dir.'lang/english.inc.php');
}
// database abstraction
require($lvc_include_dir.'db/db_mysql.inc.php');
so the issue is legit.
- Steve
More information about the VIM
mailing list