Lucene search

[email protected]CVE-2001-1298

HistoryMay 03, 2002 - 4:00 a.m.

CVE-2001-1298

2002-05-0304:00:00

[email protected]

web.nvd.nist.gov

cve-2001-1298

webodex

php script

remote file inclusion

version 1.0

vulnerability

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

7.3 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.0%

JSON

Webodex PHP script 1.0 and earlier allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.

Affected configurations

NVD

Node

grant_horwoodwebodexRange≤1.0

CPENameOperatorVersion
grant_horwood:webodexgrant horwood webodexle1.0

CPE	Name	Operator	Version
grant_horwood:webodex	grant horwood webodex	le	1.0

References

archives.neohapsis.com/archives/bugtraq/2001-10/0012.html

www.iss.net/security_center/static/7215.php

www.securityfocus.com/bid/3385

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

7.3 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.0%

JSON

Related for CVE-2001-1298

nvd1 cvelist1