tomatoCMS - dupe or not?

Steven M. Christey coley at linus.mitre.org
Tue Jul 6 11:38:35 CDT 2010

alleged rediscovery by HTBridge here:


claim is "q" parameter in index.php, in 2.0.6.

Jericho claims dupe with original Secunia discovery here:


but that issue, CVE-2010-1994, is the PATH_INFO in index.php, claimed to 
be fixed in 2.0.5.

I suspect these are distinct vectors and vulns - Secunia?

- Steve

