[VIM] Vendor ACK: 21370: CS-Cart index.php Multiple Variable SQL Injection (fwd)

Steven M. Christey coley at linus.mitre.org
Fri Jan 6 00:26:33 EST 2006


Thanks...

Added this VIM post as a reference to CVE-2005-4429, as prompted by
Brian's inclusion of a VIM reference a few days ago.  (lemming me is).
Maybe we should announce it somewhere or at least start treating it as
something that is public.

What do y'all think?

- Steve


On Thu, 5 Jan 2006, security curmudgeon wrote:

>
>
> ---------- Forwarded message ----------
> From: Vladimir V. Kalynyak
> Date: Thu, 5 Jan 2006 13:57:36 +0300
> Subject: [OSVDB Mods] [Change Request] 21370: CS-Cart index.php Multiple
>      Variable SQL Injection
>
> Hello,
>
> My name is Vladimir Kalynyak,
>
> I'm a Senior Sales Executive at CS-Cart.com.
>
> Could you please a note to the listing 21370 that the issue with SQL
> injection has been fixed since CS-Cart version 1.3.0.
>
> Thank you
> Vladimir
> http://www.cs-cart.com/
>


More information about the VIM mailing list