Phormation PHP script 0.9.1 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the phormationdir variable.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Phormation | Peaceworks_computer_consulting | * | 0.9.1 (including) |