Arbitrary File Inclusion Vulnerability in Phorecast PHP Script

CVE-2001-1049 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Phorecast PHP script before 0.40 allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.

Learn more about our Web App Pen Testing.