[VIM] "Phil's Bookmark" looks, smells site-specific

Steven M. Christey coley at mitre.org
Thu Feb 22 14:22:19 EST 2007

I're cleaning out leftover 2006 references for CVE, which is why I'm
posting about so many old issues.

Refs: Phil's Bookmark script admin By-pass

I followed up asking "is this site-specific"?


The response here:


was "Yes, there really is a issue here. If you take time and don't
just look at the first 2-3 pages in google.  Phil's Bookmark is a
bookmark script."  Naturally, there was no actual URL provided.

So Googling about I was only able to find this:

  Phil's Bookmark Thingy

Looking around, you can see various successful hacks.  So the issue is
real, anyway.  In an ironic twist, someone (perhaps not Phil) added
links to various internet security sites.

The page appears to be run by a guy named Phil.  There is no contact
information, otherwise I'd send an inquiry.

Google doesn't return any more results for "Phil's Bookmark script"
besides the Bugtraq post and related messages.  I looked through

So, I'm thinking site-specific here.

- Steve

More information about the VIM mailing list