CVE-2001-1298

Name of the Vulnerable Software and Affected Versions: Webodex PHP script versions 1.0 and earlier

Description: The issue allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. This could potentially lead to malicious file inclusion and execution.

Recommendations: For Webodex PHP script versions 1.0 and earlier, consider restricting access to the includedir variable to prevent remote file inclusion attacks. As a temporary workaround, restrict the ability to set the includedir variable via HTTP requests until a more permanent fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.