CVE-2001-1299 Information

Description

Zorbat Zorbstats PHP script before 0.9 allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.

Reference

http://archives.neohapsis.com/archives/bugtraq/2001-10/0012.html http://www.come.to/zorbat/ http://www.iss.net/security_center/static/7215.php http://www.kb.cert.org/vuls/id/847803 http://www.kb.cert.org/vuls/id/JARL-53RJKV http://www.securityfocus.com/bid/3386