Lucene search

[email protected]CVE-2001-1296

HistoryOct 02, 2001 - 4:00 a.m.

CVE-2001-1296

2001-10-0204:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2001-1296

more.groupware

php script

remote file inclusion

nvd

security vulnerability

7.7 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.004 Low

EPSS

Percentile

72.9%

JSON

More.groupware PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.

CPENameOperatorVersion
marc_logemann:more.groupwaremarc logemann more.groupwareeq0.5.1

CPE	Name	Operator	Version
marc_logemann:more.groupware	marc logemann more.groupware	eq	0.5.1

References

archives.neohapsis.com/archives/bugtraq/2001-10/0012.html

www.iss.net/security_center/static/7215.php

www.moregroupware.org/index.php?action=detail&news_id=24

www.securityfocus.com/bid/3383

7.7 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

0.004 Low

EPSS

Percentile

72.9%

JSON