CVE-2001-1297

Опубликовано: 02 окт. 2001

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

PHP remote file inclusion vulnerability in Actionpoll PHP script before 1.1.2 allows remote attackers to execute arbitrary PHP code via a URL in the includedir parameter.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2001-10/0012.html
http://sourceforge.net/project/shownotes.php?release_id=58331
http://www.iss.net/security_center/static/7215.php
Patch
Vendor Advisory
http://www.osvdb.org/1960
http://www.securityfocus.com/bid/3384
Exploit
Vendor Advisory
http://archives.neohapsis.com/archives/bugtraq/2001-10/0012.html
http://sourceforge.net/project/shownotes.php?release_id=58331
http://www.iss.net/security_center/static/7215.php
Patch
Vendor Advisory
http://www.osvdb.org/1960
http://www.securityfocus.com/bid/3384
Exploit
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:actionpoll:actionpoll:*:*:*:*:*:*:*:*

Версия до 1.1.1 (включая)

EPSS

Процентиль: 77%

0.01093

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-mvx6-p37c-4gp5

github

больше 3 лет назад