[VIM] CMS Made Simple eval injection is really an ADOdb Lite problem

George A. Theall theall at tenablesecurity.com
Mon Sep 24 16:59:36 UTC 2007

On 09/24/07 12:54, Steven M. Christey wrote:

> lib/adodb_lite/adodb-perf-module.inc.php in CMS Made Simple is an
> exact copy of adodb-perf-module.inc.php as distributed in ADOdb Lite
> 1.42 from here:
> Note that adodb-perf.inc.php in the "regular" ADOdb doesn't have an
> eval at all, so this appears to be specific to ADOdb Lite.

Right. ADOdb Lite is a lightweight version of ADOdb. Besides CMS Made 
Simple, it's also used in paFileDB 3.6 (but not 3.53), under 

theall at tenablesecurity.com

More information about the VIM mailing list