CVE-2001-1051 | Vulnerability Database | Aqua Security

Dark Hart Portal (darkportal) PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.

Affected Software

Name	Vendor	Start Version	End Version
Darkportal-unix	Dark_hart_portal	0.1.16 (including)	0.1.16 (including)
Darkportal-unix	Dark_hart_portal	0.1.17 (including)	0.1.17 (including)
Darkportal-unix	Dark_hart_portal	0.1.18 (including)	0.1.18 (including)

References

http://archives.neohapsis.com/archives/bugtraq/2001-10/0012.html
http://sourceforge.net/tracker/index.php?func=detail\u0026aid=440666\u0026group_id=20971\u0026atid=120971
http://www.securityfocus.com/bid/3390
https://exchange.xforce.ibmcloud.com/vulnerabilities/7215
http://archives.neohapsis.com/archives/bugtraq/2001-10/0012.html
http://sourceforge.net/tracker/index.php?func=detail\u0026aid=440666\u0026group_id=20971\u0026atid=120971
http://www.securityfocus.com/bid/3390
https://exchange.xforce.ibmcloud.com/vulnerabilities/7215

NVD	https://nvd.nist.gov/vuln/detail/CVE-2001-1051
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html