[VIM] CVE source verify: The Web Drivers Forum SQL injection

Steven M. Christey coley at mitre.org
Wed Nov 8 15:08:03 EST 2006

Researcher: Bl0od3r
Ref: http://www.milw0rm.com/exploits/2722

Downloaded the specified file on 20061108.  Product does not appear to
have a version.  Most files are dated 20060318, including

from message_details.php:

  <? include("conn.php");
  $ms_sql="select * from tbl_forum where forum_id=". $_GET['id'];

conn.php only connects to the database; $_GET is untouched there.

Also: note spelling of the vendor name, which is called "Webdrivers"
in the milw0rm post.  This was verified in the readme.txt in the forum
distribution, pluse the vendor's front page.

- Steve

More information about the VIM mailing list