[VIM] work system e-commerce?
Stuart Moore
smoore at securityglobal.net
Fri Nov 17 13:47:57 EST 2006
Regarding http://www.milw0rm.com/exploits/2752 and Secunia SA22963,
index.php first says:
include ("include_includes.inc");
which says:
include 'include_config.php';
which specifies $g_include.
The 'install4.php' script supposedly writes 'include_config.php' based
on 'include_config_replace.php'.
So, on a properly configured system, this exploit path should not be valid.
Stuart
More information about the VIM
mailing list