[VIM] SenseSites CommonSense CMS

security curmudgeon jericho at attrition.org
Tue Nov 7 23:57:47 EST 2006


CVE-2006-3576

Looks like CVE got this from BID which would explain this error:

CommonSense CMS Search.PHP Date Parameter SQL Injection Vulnerability
http://www.securityfocus.com/bid/18893

Discussion doesn't mention the script, exploit is blank. BID frequently 
uses the odd caps on script names.

http://www.sensesites.com/download.htm
http://www.sensesites.com/download/CommonSense_CMS_5_0.tar.gz

This file shows the script is 'search.php', not 'Search.PHP'


More information about the VIM mailing list