Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1054

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2001-1054
Last Modified 10 Sep 2008 03:09:35
Published 02 Oct 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-1054

Summary

PHPAdsNew PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.

Vulnerable Systems

Application

  • Phpadsnew 2.0 Beta5


References

BID - 3392

BUGTRAQ - 20011002 results of semi-automatic source code audit

CONFIRM - http://sourceforge.net/forum/forum.php?forum_id=117952

XF - php-includedir-code-execution(7215)

CONFIRM - http://sourceforge.net/forum/forum.php?thread_id=148900&forum_id=117952


Last Updated: 27 May 2016 10:36:30