[VIM] Bogus: Segue CMS <= 1.8.4 index.php Remote File Inclusion Vulnerability

George A. Theall theall at tenablesecurity.com
Mon Oct 1 17:20:27 UTC 2007

It looks like Milw0rm 4476 is bogus -- $themedir is set in 
config.inc.php to 'themes', and it does not seem to be overwritten 
later. [config.inc.php is not included in the distribution file but it's 
created from config_sample.inc.php as part of the installation process.]

Or did I mess this one up too?

theall at tenablesecurity.com

More information about the VIM mailing list