[VIM] Source verify of mg.applanix RFI

Steven M. Christey coley at mitre.org
Wed Dec 6 17:23:26 EST 2006

whoops, looks like that Bugtraq post was a couple days after a milw0rm


which included two more vectors.

1) act/act_check_access.php : verified

     require( $apx_root_path.'db/access_rights.php' );

   is the first statement in the program.

2) dsp/dsp_form_booking_ctl.php : verified

     require( $apx_root_path.'qry/qry_form_customer.php' );

   is the second statement in the program, coming after an unrelated

And, well, you can download the code to find a bunch more vectors,

- Steve

More information about the VIM mailing list