[VIM] SenseSites CommonSense CMS

Steven M. Christey coley at linus.mitre.org
Wed Nov 8 14:35:12 EST 2006

On Tue, 7 Nov 2006, security curmudgeon wrote:

> CVE-2006-3576
> Looks like CVE got this from BID which would explain this error:
> CommonSense CMS Search.PHP Date Parameter SQL Injection Vulnerability

Yes, I encourage copy-and-paste of important vectors, and apparently the
junior analyst who did this wasn't sufficiently aware that BID's have this
interesting capitalization quirk.


More information about the VIM mailing list