[VIM] true: WebMod 0.48 XSS

Steven M. Christey coley at mitre.org
Tue Oct 16 21:39:27 UTC 2007

Wide publication by SECUNIA:27245

Seems to be related to a post by "nemessis" at

Seems to be live on some servers based on Google search results.

source: http://djeyl.net/files.php#webmod

auth.w appears to utilize a custom or non-typical programming language
mixed with HTML, probably called W, without any apparent documentation
in the WebMod package.  Commands are encoded within "{}"

The relevant line is:

  <form action="auth.w?redir={G.redir}" method="post" name="authform">

where, from context in other source code, "G" is an
array/hash/structure that contains values from GET requests.

- Steve

More information about the VIM mailing list