[VIM] Quick Poll Script (code.php id) Remote SQL Injection Vulnerability

str0ke str0ke at milw0rm.com
Thu Nov 13 04:08:45 UTC 2008

George A. Theall wrote:
> Hey str0ke, did you miss milw0rm 7105 back when it came out in August?
> The advisory looks nearly identical to
> http://packetstorm.linuxsecurity.com/0808-exploits/quickpoll-sql.txt,
> which maps to CVE-2008-3765 / BID 30724. 
Yep, I stopped posting a lot of Hussin's vulnerabilities in the past.  A
lot of the scripts / pozscripts / ezone scripts were all the same
scripts sold under different names.

Future note, if it looks the same, exactly the same sql injection with
the same script.  I'm pretty sure you can place it in your book that its
the same vulnerability.


More information about the VIM mailing list