[VIM] false? CVE-2008-6049 / TinyMCE SQL injection
str0ke
str0ke at milw0rm.com
Tue Mar 17 21:26:57 UTC 2009
George A. Theall wrote:
> On Mar 17, 2009, at 4:13 PM, Steven M. Christey wrote:
>
>>
>> Researcher: AnGeL25dZ
>>
>> http://www.milw0rm.com/exploits/7506
>>
>
Well its not TinyMCE thats vulnerable thats for sure. I'm betting its a
CMS like George stated thats affected. Not sure which one though.
Removing it from the frontend and noting it.
/str0ke
More information about the VIM
mailing list