[VIM] Pluck 4.6.2 (langpref) Local File Inclusion Vulnerabilities

str0ke str0ke at milw0rm.com
Mon May 18 20:29:32 UTC 2009

George A. Theall wrote:
> On May 18, 2009, at 3:37 PM, str0ke wrote:
>> There isn't a data directory in the same folder as the vulnerable
>> scripts.  So it will error in inclusion on most of the lines except the
>> 3rd one if register globals = on.
> Oh, of course!  Thanks,
> George
Doesn't seem this can be exploited with php4 on linux but php5 is fair
game.  Also not sure if it really matters the php version in windows.

More information about the VIM mailing list