[VIM] True: XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability
str0ke
str0ke at milw0rm.com
Wed Jun 13 19:02:10 UTC 2007
Got ya brotha,
You da man.
/str0ke
On 6/13/07, George A. Theall <theall at tenablesecurity.com> wrote:
> On 06/13/07 14:00, str0ke wrote:
>
> > Are you sure that authentication is needed for this to be exploitable?
>
> No, it's not. The admin just needs to tweak permissions so that
> anonymous users have access to it.
>
> George
> --
> theall at tenablesecurity.com
>
More information about the VIM
mailing list