Unrated severityNVD Advisory· Published Oct 2, 2001· Updated Apr 16, 2026

CVE-2001-1237

Description

Phormation PHP script 0.9.1 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the phormationdir variable.

Affected products

Peaceworks Computer Consulting/Phormation
cpe:2.3:a:peaceworks_computer_consulting:phormation:*:*:*:*:*:*:*:*
Range: <=0.9.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/3393nvdExploitPatchVendor Advisory
www.kb.cert.org/vuls/id/847803nvdUS Government Resource
archives.neohapsis.com/archives/bugtraq/2001-10/0012.htmlnvd
www.iss.net/security_center/static/7215.phpnvd
www.peaceworks.ca/phormation/phormation-0.9.2.tar.gznvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000