[VIM] Source VERIFY of tagit2b delTagUser.php RFI
Steven M. Christey
coley at mitre.org
Wed Oct 11 18:07:30 EDT 2006
Researcher: k1tk4t at newhack.org
Post: BUGTRAQ:20061010 tagit2b -- Remote File Inclusion
http://www.securityfocus.com/archive/1/archive/1/448173/100/0/threaded
I downloaded the source as specified by the researcher.
Relevant code from the top of delTagUser.php (some whitespace
removed):
<?php
session_start();
include("$configpath/errmsg.inc.php");
Casual inspection suggests other issues in this product.
- Steve
More information about the VIM
mailing list