CVE-2001-1049

Phorecast PHP script before 0.40 allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.

Date published : 2002-03-09

http://www.securityfocus.com/bid/3388

http://archives.neohapsis.com/archives/bugtraq/2001-10/0012.html