[VIM] Grafitti Forums 1.0 Remote SQL Injection/HTML Injection Vulnerabilities
str0ke
str0ke at milw0rm.com
Mon Sep 15 05:11:15 UTC 2008
George,
Vendor url: http://www.bluedojo.com/graffiti.php
Ya its a dupe.
George A. Theall wrote:
> Anyone know which product milw0rm 6429 supposedly covers? SirGod
> doesn't mention a vendor, nor does the corresponding Bugtraq ID (31130).
>
> Apart from a slight difference in the spelling of the product, the SQL
> injection issue involving the 'f' parameter to 'topics.php' seems to
> be a rehash of a discovery made by Paisterist back in 2006:
>
> http://archives.neohapsis.com/archives/bugtraq/2006-07/0102.html
>
> and covered by Bugtraq 18928.
>
> George
More information about the VIM
mailing list