[pLog-svn] sql exploit?

Jon Daley plogworld at jon.limedaley.com
Tue Jun 10 12:26:30 EDT 2008


Can anyone duplicate this?  I can't on the current svn branch, and I 
downgraded to 1.2.8 and can't either.

(I also checked Reto's blog, and got the same error as mine - 
error_fetching_album)

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2629

Maybe the security report has a typo in it, and it is only a drupal module 
that it is affected.  The example exploit shows downloading lifetype from 
sourceforge...


-- 
Jon Daley
http://jon.limedaley.com
~~
I want to get quoted. I think I say enough stuff to get quoted.
-- JoAnn Paul


More information about the pLog-svn mailing list