[VIM] [Bogus - partly] V TLM CMS <= 1.1 (i-accueil.php chemin) Remote File Include Vulnerability (fwd)

str0ke str0ke at milw0rm.com
Fri Jan 12 15:38:55 EST 2007


Rob,

I didn't even see the i-index.php mentioned in his short advisory.
Removed the 50 percent that wasn't working.

/str0ke

On 1/12/07, rkeith at securityfocus.com <rkeith at securityfocus.com> wrote:
> http://www.milw0rm.com/exploits/3118
>
> Half of this is bogus. In i-index.php the $chemin parameter is clearly
> defined. However in the i-accueil.php script this appears legit.
>
> In i-index.php:
> Line 12:  $chemin = "." ;
>
> --
> Rob Keith
> Symantec
>


More information about the VIM mailing list