cbcvebase.
CVE-2003-0536
published 2003-08-18

CVE-2003-0536: Directory traversal vulnerability in phpSysInfo 2.1 and earlier allows attackers with write access to a local directory to read arbitrary files as the PHP user…

PriorityP419low3.6CVSS 2.0
AVLACLAuNCPINAP
EXPLOIT
EPSS
1.47%
70.6th percentile
Directory traversal vulnerability in phpSysInfo 2.1 and earlier allows attackers with write access to a local directory to read arbitrary files as the PHP user or cause a denial of service via .. (dot dot) sequences in the (1) template or (2) lng parameters.

Affected

13 ranges
VendorProductVersion rangeFixed in
debianphpsysinfo< phpsysinfo 2.1-1 (bookworm)phpsysinfo 2.1-1 (bookworm)
debianphpsysinfo< phpsysinfo 2.3-7 (bookworm)phpsysinfo 2.3-7 (bookworm)
phpgroupwarephpgroupware
phpsysinfophpsysinfo
phpsysinfophpsysinfo
phpsysinfophpsysinfo>= 0 < 2.1-12.1-1
phpsysinfophpsysinfo>= 0 < 2.3-72.3-7
phpsysinfophpsysinfo>= 0 < 2.1-12.1-1
phpsysinfophpsysinfo>= 0 < 2.3-72.3-7
phpsysinfophpsysinfo>= 0 < 2.1-12.1-1
phpsysinfophpsysinfo>= 0 < 2.3-72.3-7
phpsysinfophpsysinfo>= 0 < 2.1-12.1-1
phpsysinfophpsysinfo>= 0 < 2.3-72.3-7

CVSS provenance

nvdv2.03.6LOWAV:L/AC:L/Au:N/C:P/I:N/A:P
osv3.6LOW
vendor_debian3.6LOW
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.