[VIM] bogus - HitWeb v3.0 - Remote File Include Vulnerabilities

Stuart Moore smoore at securityglobal.net
Tue Sep 19 15:41:29 EDT 2006

Re: "HitWeb v3.0 - Remote File Include Vulnerabilities" report on 
Bugtraq, and also BID: 20060.

index.php says this before anything else:

   include "conf/hitweb.conf" ;

and that conf file says:

   $REP_CLASS = 'class';

I didn't check the other files.


More information about the VIM mailing list