Vulnerability Details : CVE-2001-1237
Phormation PHP script 0.9.1 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the phormationdir variable.
Vulnerability category: Execute code
Exploit prediction scoring system (EPSS) score for CVE-2001-1237
Probability of exploitation activity in the next 30 days: 2.56%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 89 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2001-1237
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2001-1237
-
http://www.kb.cert.org/vuls/id/847803
US Government Resource
- http://www.iss.net/security_center/static/7215.php
-
http://www.securityfocus.com/bid/3393
Exploit;Patch;Vendor Advisory
- http://archives.neohapsis.com/archives/bugtraq/2001-10/0012.html
-
http://www.peaceworks.ca/phormation/phormation-0.9.2.tar.gz
Products affected by CVE-2001-1237
- cpe:2.3:a:peaceworks_computer_consulting:phormation:*:*:*:*:*:*:*:*