[VIM] source verify of "Ban v0.1" SQL injection

Steven M. Christey coley at mitre.org
Tue Nov 14 19:09:50 EST 2006

Researcher: Francesco Laurita
Reference: Re: Ban v0.1 (bannieres.php) File Include

Source inspection by a senior CVE analyst says:

  The code has

    $res=mysql_query("SELECT * FROM bannieres WHERE id='$id'");
    mysql_query("UPDATE bannieres SET affichage = affichage + 1 WHERE id='$id'");.

Also, based on the download, the product name used by the researcher
does not match the name shown within the product. Files in the
download say "SCRIPT BANNIERES ... Jean-Christophe Ramos."  However, a
search on ComScripts.com associates the script with the name
"ban0.1.", probably based on the name of the ZIP file.

- Steve

More information about the VIM mailing list