CVE-2001-1237

2002-06-2504:00:00

mitre

www.cve.org

AI Score

7.8

Confidence

Low

EPSS

0.026

Percentile

90.3%

JSON

Phormation PHP script 0.9.1 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the phormationdir variable.

References

archives.neohapsis.com/archives/bugtraq/2001-10/0012.html

www.iss.net/security_center/static/7215.php

www.kb.cert.org/vuls/id/847803

www.peaceworks.ca/phormation/phormation-0.9.2.tar.gz

www.securityfocus.com/bid/3393