[VIM] WTF: RIG Image Gallery (dir_abs_src) Remote File Include Vulnerability

ascii ascii at katamail.com
Tue Jul 31 15:43:41 UTC 2007

str0ke wrote:
> With register globals = off he wouldn't be able to initialize the
> variable anyways correct?

Yes, the advisory is fake. (I was just pointing out that the exploit
blocker was not the str_replace())

Best regards,
Francesco `ascii` Ongaro

More information about the VIM mailing list