CVE-2001-1235

Опубликовано: 02 окт. 2001

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

pSlash PHP script 0.7 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the includedir variable.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2001-10/0012.html
http://www.iss.net/security_center/static/7215.php
http://www.kb.cert.org/vuls/id/847803
Exploit
Patch
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/3395
Vendor Advisory
http://archives.neohapsis.com/archives/bugtraq/2001-10/0012.html
http://www.iss.net/security_center/static/7215.php
http://www.kb.cert.org/vuls/id/847803
Exploit
Patch
Third Party Advisory
US Government Resource
http://www.securityfocus.com/bid/3395
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:derek_leung:pslash:0.70:*:*:*:*:*:*:*

EPSS

Процентиль: 86%

0.02972

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-wg9x-9fvm-m48v

github

больше 3 лет назад