[VIM] True: XOOPS Module icontent v.1.0 Remote File Inclusion Exploit (Milw0rm 4022)

George A. Theall theall at tenablesecurity.com
Sat Jun 2 01:47:44 UTC 2007

The affected file starts basically with:

   include $spaw_root.'config/spaw_control.config.php';

so exploitation requires register_globals to be enabled.

In case anyone's curious, the issue is similar to the issue reported 
last year by Kapda:


That is, both phpwcms and Xoops' icontent module make use of a 
vulnerable instance of SPAW PHP WYSIWYG editor control.

theall at tenablesecurity.com
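
An added example, not part of the original post: a minimal Python audit check for the pattern described above, an include/require whose path starts with a variable the file has not assigned, which is the case register_globals lets a request fill in. The function name and the sample PHP strings are constructed for illustration, and the dirname(__FILE__) assignment in the second sample is an assumed hardening, not the vendor's fix.

```python
import re

# include/require (optionally _once, optionally parenthesised) whose path
# expression begins with a PHP variable.
INCLUDE_RE = re.compile(r'^\s*(?:include|require)(?:_once)?\s*\(?\s*\$(\w+)')
# Plain assignment "$name =", excluding "==" comparisons and "=>" in foreach/arrays.
ASSIGN_RE = re.compile(r'\$(\w+)\s*=(?![=>])')


def unassigned_include_vars(php_source):
    """Return [(line_no, var_name)] for include/require statements whose path
    starts with a variable that was not assigned earlier in the same file.

    Line-based heuristic: it does not parse PHP, follow other included files,
    or strip comments, so treat hits as review candidates.
    """
    findings = []
    assigned = set()
    for line_no, line in enumerate(php_source.splitlines(), 1):
        match = INCLUDE_RE.match(line)
        if match and match.group(1) not in assigned:
            findings.append((line_no, match.group(1)))
        # Record assignments after the check so "include $x; $x = ..." still flags.
        for assignment in ASSIGN_RE.finditer(line):
            assigned.add(assignment.group(1))
    return findings


# Constructed sample: the include line quoted in the post, as the first statement.
VULNERABLE = "<?php\ninclude $spaw_root.'config/spaw_control.config.php';\n"

# Constructed sample (assumed hardening): the path variable is set by the file
# itself before use, so a request parameter cannot supply it.
HARDENED = (
    "<?php\n"
    "$spaw_root = dirname(__FILE__).'/';\n"
    "include $spaw_root.'config/spaw_control.config.php';\n"
)

if __name__ == "__main__":
    for name, src in (("vulnerable", VULNERABLE), ("hardened", HARDENED)):
        print(name, unassigned_include_vars(src))
```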
