[VIM] ES Simple Download 1.0 Local File Inclusion Vulnerability
George A. Theall
theall at tenable.com
Fri Sep 10 08:18:36 CDT 2010
Bugtraq ids 43124 and 43133 both cover a local file include
vulnerability in EnergyScripts Simple Download 1.0 involving the
'file' parameter of the 'download.php' script. 43124 uses an exploit
that's nearly identical to the one in Exploit DB 14960 while 43133
differs only in the value of 'file'. Both are attributed to Kazza. So,
why two BIDs? Rob?
George
--
theall at tenablesecurity.com
More information about the VIM
mailing list