[VIM] my dispute: Submit ( b2evolution<= 1.8 Remote File Include Vulnerabilities )
Stuart Moore
smoore at securityglobal.net
Tue Aug 29 19:04:03 EDT 2006
The bugtraq message "Submit ( b2evolution<= 1.8 Remote File Include
Vulnerabilities )" by "h4ck3riran at yahoo.com" makes invalid claims.
All of the mentioned files include this statement up front:
require_once dirname(__FILE__).'/conf/_config.php';
The _config.php file in turn includes this:
require_once dirname(__FILE__).'/_advanced.php';
The _advanced.php file specifies constant values and/or local paths for
the underlying components of inc_path and misc_inc_path.
Stuart
More information about the VIM
mailing list