Published: 21/07/2001 Updated: 18/10/2016

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

prepend.php3 in PHPLib prior to 7.2d, when register_globals is enabled for PHP, allows remote malicious users to execute arbitrary scripts via an HTTP request that modifies $_PHPLIB[libdir] to point to malicious code on another server, as seen in Horde 1.2.5 and previous versions, IMP prior to 2.2.6, and other packages that use PHPLib.

Vulnerable Product	Search on Vulmon	Subscribe to Product
phplib team phplib 7.2
phplib team phplib 7.2.1
phplib team phplib 7.2b
phplib team phplib 7.2c

source: wwwsecurityfocuscom/bid/3079/info The PHP Base Library('PHPLIB') is a code library which provides support for session management in web applications It is targeted to developers and is widely used in many web applications, so a strong possibility exists that an application may be using it without the knowledge of the administrato ...

NVD-CWE-Other http://www.securityfocus.com/archive/1/198768 http://www.debian.org/security/2001/dsa-073 http://www.securityfocus.com/bid/3079 http://www.iss.net/security_center/static/6892.php http://online.securityfocus.com/archive/1/198495 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000410 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2001-027.0.txt http://marc.info/?l=bugtraq&m=99616122712122&w=2 https://nvd.nist.gov https://www.exploit-db.com/exploits/21022/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2001-1370

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect