3 matches found
AWOL helperfunction.php includedir Parameter Remote File Inclusion
The remote host is running AWOL, an open source PHP application. It is possible to make the remote host include php files hosted on a third party server using the '$include' variable in AWOL. An attacker may use this flaw to inject arbitrary code in the remote host and gain a shell with the...
CVE-2001-1048
AWOL-related CVE-2001-1048 affects the AWOL PHP application and allows a remote attacker to include arbitrary files from remote web sites by setting the includedir HTTP parameter. The vulnerability enables remote code execution through local file inclusion-like behavior via a crafted request to i...
CVE-2001-1048
AWOL PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable...