CVE-2001-1299

Опубликовано: 02 окт. 2001

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Zorbat Zorbstats PHP script before 0.9 allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2001-10/0012.html
http://www.come.to/zorbat/
http://www.iss.net/security_center/static/7215.php
Patch
Vendor Advisory
http://www.kb.cert.org/vuls/id/847803
US Government Resource
http://www.kb.cert.org/vuls/id/JARL-53RJKV
US Government Resource
http://www.securityfocus.com/bid/3386
Vendor Advisory
http://archives.neohapsis.com/archives/bugtraq/2001-10/0012.html
http://www.come.to/zorbat/
http://www.iss.net/security_center/static/7215.php
Patch
Vendor Advisory
http://www.kb.cert.org/vuls/id/847803
US Government Resource
http://www.kb.cert.org/vuls/id/JARL-53RJKV
US Government Resource
http://www.securityfocus.com/bid/3386
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:zorbat:zorbstats:0.8:*:*:*:*:*:*:*

EPSS

Процентиль: 85%

0.02711

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-265j-p2gg-g729

github

больше 3 лет назад