[VIM] Bogus: Segue CMS <= 1.8.4 index.php Remote File Inclusion Vulnerability
George A. Theall
theall at tenablesecurity.com
Mon Oct 1 17:20:27 UTC 2007
It looks like Milw0rm 4476 is bogus -- $themedir is set in
config.inc.php to 'themes', and it does not seem to be overwritten
later. [config.inc.php is not included in the distribution file but it's
created from config_sample.inc.php as part of the installation process.]
Or did I mess this one up too?
George
--
theall at tenablesecurity.com
More information about the VIM
mailing list