[VIM] Mambo Module uhp 0.3 (uhp_config.php) Remote File Inclusion Exploit

George A. Theall theall at tenablesecurity.com
Fri Mar 23 20:50:03 UTC 2007

After last summer's blitz, any remote file include issue published 
nowadays and involving mosConfig_absolute_path raises suspicions in my 
mind. So when I saw today's announcement of one affecting the User Home 
Pages (UHP) module, I looked a bit... Turns out it's the same as what 
kurdish security published last summer. Compare for yourself:

   New: http://milw0rm.com/exploits/3553

Or am I just overlooking something?

theall at tenablesecurity.com

More information about the VIM mailing list