[VIM] Grafitti Forums 1.0 Remote SQL Injection/HTML Injection Vulnerabilities

George A. Theall theall at tenablesecurity.com
Mon Sep 15 02:33:17 UTC 2008

Anyone know which product milw0rm 6429 supposedly covers? SirGod
doesn't mention a vendor, nor does the corresponding Bugtraq ID (31130).

Apart from a slight difference in the spelling of the product, the SQL
injection issue involving the 'f' parameter to 'topics.php' seems to
be a rehash of a discovery made by Paisterist back in 2006:


and covered by Bugtraq 18928.

theall at tenablesecurity.com

