[VIM] Dreampics Builder (exhibition_id) Remote SQL Injection Vulnerability

George A. Theall theall at tenablesecurity.com
Tue Aug 18 17:33:46 UTC 2009

milw0rm 9451 looks rather similar to an issue discovered by xoron  
earlier this year and covered by milw0rm 7968 / OSVDB 51741 /  
CVE-2009-0445. Except that xoron says it's a blind SQL injection vuln  
while Mr. SQL suggests a plain SQL injection attack works. Anybody  
have access to the source and can confirm either way? Do they involve  
different versions?

theall at tenablesecurity.com

More information about the VIM mailing list