[VIM] Bogus - [c_r_ck at hotmail.com: Lazarus Guestbook (admin.php)Remote File Include Expliot]

Steven M. Christey coley at linus.mitre.org
Wed Mar 7 23:41:54 UTC 2007

On Wed, 7 Mar 2007 dm at securityfocus.com wrote:

> require_once $include_path.'/admin/config.inc.php';

I've noticed that extract() and similar variable overwrites frequently
occur in config files.  Was admin/config.inc.php and others checked for
these kinds of issues that might overwrite $include_path?

- Steve

More information about the VIM mailing list