CVE-2001-1299

Description

Zorbat Zorbstats PHP script before 0.9 allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.

Affected Software
References

Software	From	Fixed in
zorbat / zorbstats	0.8	0.8.x

http://archives.neohapsis.com/archives/bugtraq/2001-10/0012.html
http://www.come.to/zorbat/
http://www.iss.net/security_center/static/7215.php
http://www.kb.cert.org/vuls/id/847803
http://www.kb.cert.org/vuls/id/JARL-53RJKV
http://www.securityfocus.com/bid/3386

Severity: Medium

CVE: CVE-2001-1299
Published: Oct 2, 2001
Updated: Apr 13, 2023
Exploit:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:P/A:N

CVE-2001-1299

Description

Details

CVSS v2