Vulnerability Details CVE-2001-1236
myphpPagetool PHP script 0.4.3-1 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the includedir variable.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.024
EPSS Ranking 84.5%
CVSS Severity
CVSS v2 Score 7.5
References
- http://archives.neohapsis.com/archives/bugtraq/2001-10/0012.html
- http://www.iss.net/security_center/static/7215.php
- http://www.kb.cert.org/vuls/id/847803
- http://www.securityfocus.com/bid/3394
- http://archives.neohapsis.com/archives/bugtraq/2001-10/0012.html
- http://www.iss.net/security_center/static/7215.php
- http://www.kb.cert.org/vuls/id/847803
- http://www.securityfocus.com/bid/3394
Products affected by CVE-2001-1236
-
cpe:2.3:a:sebastian_bunka:myphppagetool:0.4.3.1