[VIM] Bogus - [CLBOX <= (signup.php header) Remote File Include Vulnerability]

George A. Theall theall at tenablesecurity.com
Mon Mar 19 11:18:55 UTC 2007

In signup.php, we have:

   require "inc/lib.inc";
   @include "$header";

and at the base of the include file we see:

   $header = "../header.php";

While I haven't bothered to actually install the software, this sure 
looks bogus to me.

theall at tenablesecurity.com

More information about the VIM mailing list