CVE-2001-1237

2002-06-2504:00:00

mitre

www.cve.org

7.8 High

AI Score

Confidence

Low

0.026 Low

EPSS

Percentile

90.3%

JSON

Phormation PHP script 0.9.1 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the phormationdir variable.

References

archives.neohapsis.com/archives/bugtraq/2001-10/0012.html

www.iss.net/security_center/static/7215.php

www.kb.cert.org/vuls/id/847803

www.peaceworks.ca/phormation/phormation-0.9.2.tar.gz

www.securityfocus.com/bid/3393