[VIM] MkPortal <= 1.1.1 reviews / gallery modules SQL Injection Exploit

George A. Theall theall at tenablesecurity.com
Fri Jul 13 02:20:18 UTC 2007

Milw0rm 4179 / BID 24891 seems like it's a subset of the issues covered 
by BID 24886 / 
<http://archives.neohapsis.com/archives/bugtraq/2007-07/0119.html>. That 
is, the 'ind' parameter controls the module, 'op' controls the function, 
and 'iden' is the specific input passed to the SQL queries.

Anyone else notice this?

theall at tenablesecurity.com

More information about the VIM mailing list