[VIM] Jupiter CMS file include - CVE dispute
Steven M. Christey
coley at mitre.org
Mon Aug 28 18:33:56 EDT 2006
Ref: BUGTRAQ:20060825 Jupiter CMS 1.1.5 index.php Remote File Include
D3nGeR includes the following code snippet:
$template = "default";
Looks like the good ol' grep-and-gripe.
I downloaded the code, and while $template is used heavily, it's set
to constant values or (probably) admin-controlled configuration
So, CVE disputes this.
More information about the VIM