Sign in Subscribe

← All advisories

Unrated severityNVD Advisory· Published Oct 2, 2001· Updated Apr 16, 2026

CVE-2001-1048

CVE-2001-1048

Description

AWOL PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.

Affected products

7

Topher1kenobe/Awol7 versions
cpe:2.3:a:topher1kenobe:awol:1.0:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:topher1kenobe:awol:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:topher1kenobe:awol:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:topher1kenobe:awol:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:topher1kenobe:awol:1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:topher1kenobe:awol:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:topher1kenobe:awol:2.01:*:*:*:*:*:*:*
- cpe:2.3:a:topher1kenobe:awol:2.1:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

5

archives.neohapsis.com/archives/bugtraq/2001-10/0012.htmlnvdPatchVendor Advisory
www.gospelcom.net/mnn/topher/awol/changelog.phpnvdPatch
www.securityfocus.com/bid/3387nvdVendor Advisory
www.geocrawler.com/archives/3/14414/2001/9/0/6668723/nvd
www.iss.net/security_center/static/7215.phpnvd

News mentions

0

No linked articles in our index yet.