[VIM] SenseSites CommonSense CMS
security curmudgeon
jericho at attrition.org
Tue Nov 7 23:57:47 EST 2006
CVE-2006-3576
Looks like CVE got this from BID which would explain this error:
CommonSense CMS Search.PHP Date Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/18893
Discussion doesn't mention the script, exploit is blank. BID frequently
uses the odd caps on script names.
http://www.sensesites.com/download.htm
http://www.sensesites.com/download/CommonSense_CMS_5_0.tar.gz
This file shows the script is 'search.php', not 'Search.PHP'
More information about the VIM
mailing list