[VIM] Grafitti Forums 1.0 Remote SQL Injection/HTML Injection Vulnerabilities
George A. Theall
theall at tenablesecurity.com
Mon Sep 15 02:33:17 UTC 2008
Anyone know which product milw0rm 6429 supposedly covers? SirGod
doesn't mention a vendor, nor does the corresponding Bugtraq ID (31130).
Apart from a slight difference in the spelling of the product, the SQL
injection issue involving the 'f' parameter to 'topics.php' seems to
be a rehash of a discovery made by Paisterist back in 2006:
http://archives.neohapsis.com/archives/bugtraq/2006-07/0102.html
and covered by Bugtraq 18928.
George
--
theall at tenablesecurity.com