← back
CVE-2002-2029

CVE-2002-2029

EPSS 24.6%
PHP, when installed on Windows with Apache and ScriptAlias for /php/ set to c:/php/, allows remote attackers to read arbitrary files and possibly execute arbitrary programs via an HTTP request for php.exe with a filename in the query string.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/21204unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://www.iss.net/security_center/static/7815.phphttp://www.securiteam.com/windowsntfocus/5ZP030U60U.htmlhttp://www.securityfocus.com/bid/3786