[VIM] Mambo Module uhp 0.3 (uhp_config.php) Remote File Inclusion Exploit
George A. Theall
theall at tenablesecurity.com
Fri Mar 23 20:50:03 UTC 2007
After last summer's blitz, any remote file include issue published
nowadays and involving mosConfig_absolute_path raises suspicions in my
mind. So when I saw today's announcement of one affecting the User Home
Pages (UHP) module, I looked a bit... Turns out it's the same as what
kurdish security published last summer. Compare for yourself:
Old:
kurdishsecurity.blogspot.com/2006/07/kurdish-security-15-user-home-pges.html
New: http://milw0rm.com/exploits/3553
Or am I just overlooking something?
George
--
theall at tenablesecurity.com
More information about the VIM
mailing list