ID | CVE-2001-1370 | ||||||
Sažetak | prepend.php3 in PHPLib before 7.2d, when register_globals is enabled for PHP, allows remote attackers to execute arbitrary scripts via an HTTP request that modifies $_PHPLIB[libdir] to point to malicious code on another server, as seen in Horde 1.2.5 and earlier, IMP before 2.2.6, and other packages that use PHPLib. | ||||||
Reference |
|
||||||
CVSS |
|
||||||
Pristup |
|
||||||
Impact |
|
||||||
CVSS vektor | AV:N/AC:L/Au:N/C:C/I:C/A:C | ||||||
Zadnje važnije ažuriranje | 18-10-2016 - 02:14 | ||||||
Objavljeno | 21-07-2001 - 04:00 |