CVE-2001-1237 Information

Description

Phormation PHP script 0.9.1 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites using an HTTP request that modifies the phormationdir variable.

Reference

http://archives.neohapsis.com/archives/bugtraq/2001-10/0012.html http://www.iss.net/security_center/static/7215.php http://www.kb.cert.org/vuls/id/847803 http://www.peaceworks.ca/phormation/phormation-0.9.2.tar.gz http://www.securityfocus.com/bid/3393