http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200110-017

More.groupwarePHPscript存在漏洞。远程攻击者可以借助设置includedir变量的HTTP请求包含远程web网站的任意文件。

来源:XF
名称:php-includedir-code-execution(7215)
链接:http://www.iss.net/security_center/static/7215.php
来源:BID
名称:3383
链接:http://www.securityfocus.com/bid/3383
来源:www.moregroupware.org
链接:http://www.moregroupware.org/index.php?action=detail&news;_id=24
来源:BUGTRAQ
名称:20011002resultsofsemi-automaticsourcecodeaudit
链接:http://archives.neohapsis.com/archives/bugtraq/2001-10/0012.html