CVE Vulnerabilities

CVE-2001-1052

Published: Oct 02, 2001 | Modified: Dec 19, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Empris PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.

Affected Software

Name Vendor Start Version End Version
Empris Emergenices_personnel_information_system 2001-08-10 2001-08-10
Empris Emergenices_personnel_information_system 2001-09-08 2001-09-08
Empris Emergenices_personnel_information_system 0.4 0.4

References