[VIM] Bogus: Segue CMS <= 1.8.4 index.php Remote File Inclusion Vulnerability
str0ke at milw0rm.com
Mon Oct 1 17:29:31 UTC 2007
Ya I thought the same thing, tested it on multiple sites ranging from
1.8.4 and below and worked like a charm.
George A. Theall wrote:
> It looks like Milw0rm 4476 is bogus -- $themedir is set in
> config.inc.php to 'themes', and it does not seem to be overwritten
> later. [config.inc.php is not included in the distribution file but
> it's created from config_sample.inc.php as part of the installation
> Or did I mess this one up too?
More information about the VIM