CVE-2001-1237

Опубликовано: 02 окт. 2001

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Phormation PHP script 0.9.1 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the phormationdir variable.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2001-10/0012.html
http://www.iss.net/security_center/static/7215.php
http://www.kb.cert.org/vuls/id/847803
US Government Resource
http://www.peaceworks.ca/phormation/phormation-0.9.2.tar.gz
http://www.securityfocus.com/bid/3393
Exploit
Patch
Vendor Advisory
http://archives.neohapsis.com/archives/bugtraq/2001-10/0012.html
http://www.iss.net/security_center/static/7215.php
http://www.kb.cert.org/vuls/id/847803
US Government Resource
http://www.peaceworks.ca/phormation/phormation-0.9.2.tar.gz
http://www.securityfocus.com/bid/3393
Exploit
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:peaceworks_computer_consulting:phormation:*:*:*:*:*:*:*:*

Версия до 0.9.1 (включая)

EPSS

Процентиль: 89%

0.051

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-9283-35m7-p4f6

github

больше 3 лет назад