[VIM] True: XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability

str0ke str0ke at milw0rm.com
Wed Jun 13 19:02:10 UTC 2007


Got ya brotha,

You da man.

/str0ke

On 6/13/07, George A. Theall <theall at tenablesecurity.com> wrote:
> On 06/13/07 14:00, str0ke wrote:
>
> > Are you sure that authentication is needed for this to be exploitable?
>
> No, it's not. The admin just needs to tweak permissions so that
> anonymous users have access to it.
>
> George
> --
> theall at tenablesecurity.com
>


More information about the VIM mailing list