[VIM] Newbie CMS File Disclosure Vulnerability
George A. Theall
theall at tenablesecurity.com
Tue Mar 16 13:57:06 UTC 2010
Exploit DB 11768 covers a file disclosure vulnerability in Newbie CMS
-- reportedly the issue involves the 'free_download.php' script. As
far as I can see, though, that script is not included in the
distribution file, whether you look at the copy helpfully included as
part of the advisory or either v2 or v3 downloaded from the project
site. [It does appear to be what's used to actually distribute the
software though.]
George
--
theall at tenablesecurity.com
More information about the VIM
mailing list