[VIM] SenseSites CommonSense CMS
Steven M. Christey
coley at linus.mitre.org
Wed Nov 8 14:35:12 EST 2006
On Tue, 7 Nov 2006, security curmudgeon wrote:
>
> CVE-2006-3576
>
> Looks like CVE got this from BID which would explain this error:
>
> CommonSense CMS Search.PHP Date Parameter SQL Injection Vulnerability
Yes, I encourage copy-and-paste of important vectors, and apparently the
junior analyst who did this wasn't sufficiently aware that BID's have this
interesting capitalization quirk.
Thanks,
Steve
More information about the VIM
mailing list