[VIM] @1 File Store PRO SQL injection - the old gray dupe

Steven M. Christey coley at linus.mitre.org
Tue Aug 25 21:14:10 UTC 2009

On Tue, 25 Aug 2009, str0ke wrote:

> > These vectors for the id parameter in config.php and download.php were
> > also disclosed by eVuln in 2006, albeit for a different version (version
> > 2006.03.07, non-pro).  See CVE-2006-1278
> Are you counting [MIL] 6040 as a dupe from CVE-2006-1278?

Yes, though I'm half-expecting George to pipe up and throw a whole wrench
into my logic ;-)

- Steve

More information about the VIM mailing list