CVE-2002-0249
published 2002-05-29CVE-2002-0249: PHP for Windows, when installed on Apache 2.0.28 beta as a standalone CGI module, allows remote attackers to obtain the physical path of the php.exe via a…
medium5CVSS 3.1
AVNACLAuNCPINAN
PHP for Windows, when installed on Apache 2.0.28 beta as a standalone CGI module, allows remote attackers to obtain the physical path of the php.exe via a request with malformed arguments such as /123, which leaks the pathname in the error message.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | http_server | — | — |