[VIM] Unrestricted file upload vulnerabilities

Steven M. Christey coley at mitre.org
Wed Sep 6 20:32:51 EDT 2006

FYI, we're seeing enough issues where someone can upload a file with
an executable extension like .php, then access the file to execute
code, that CVE is going to start calling them "Unrestricted file
upload" issues.  Heck, it's even consistent with what we call it in
CWE :) Suggestions for other terms welcome... suppose I should ask the
web app security people what they call this...

- Steve

More information about the VIM mailing list