[VIM] ES Simple Download 1.0 Local File Inclusion Vulnerability
rkeith
rkeith at securityfocus.com
Fri Sep 10 10:12:25 CDT 2010
Hey George,
Looks like someone didn't see the first when creating the second.
We'll have 43133 retired as a duplicate shortly.
-Rob
George A. Theall wrote:
> Bugtraq ids 43124 and 43133 both cover a local file include
> vulnerability in EnergyScripts Simple Download 1.0 involving the 'file'
> parameter of the 'download.php' script. 43124 uses an exploit that's
> nearly identical to the one in Exploit DB 14960 while 43133 differs only
> in the value of 'file'. Both are attributed to Kazza. So, why two BIDs?
> Rob?
>
>
>
> George
--
Rob Keith
Symantec
More information about the VIM
mailing list