LiveActive security incident?Get immediate response
CVE archive

April 2001

Browse CVE records published in April 2001, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 135 matching CVEs · Page 2 of 3.

Unknown · CVSS Not scored

CVE-2001-1370: prepend.php3 in PHPLib before 7.2d, when register_globals is enabled for PHP, allows remote attackers to ex...

prepend.php3 in PHPLib before 7.2d, when register_globals is enabled for PHP, allows remote attackers to execute arbitrary scripts via an HTTP request that modifies $_PHPLIB[libdir] to point to malicious code on another server, as seen in Horde 1.2.5 and earlier, IMP before 2.2.6, and other packages that use PHPLib.

Published Apr 2, 2003 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2001-0724: Internet Explorer 5.5 allows remote attackers to bypass security restrictions via malformed URLs that conta...

Internet Explorer 5.5 allows remote attackers to bypass security restrictions via malformed URLs that contain dotless IP addresses, which causes Internet Explorer to process the page in the Intranet Zone, which may have fewer security restrictions, aka the "Zone Spoofing Vulnerability variant" of CVE-2001-0664.

Published Apr 2, 2003 · Updated Aug 8, 2024