CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2002-0240

PHP, when installed with Apache and configured to search for index.php as a default web page, allows remote attackers to obtain the full pathname of the server via the HTTP OPTIONS method, which reveals the pathname in the resulting error message.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.017

EPSS Ranking 81.4%

CVSS Severity

CVSS v2 Score 5.0

References

http://marc.info/?l=bugtraq&m=101311746611160&w=2
http://www.iss.net/security_center/static/8119.php
http://www.securityfocus.com/bid/4057
http://marc.info/?l=bugtraq&m=101311746611160&w=2
http://www.iss.net/security_center/static/8119.php
http://www.securityfocus.com/bid/4057

Products affected by CVE-2002-0240

Apache » Http Server » Version: 2.0.28

cpe:2.3:a:apache:http_server:2.0.28

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-0240

Products

Pricing

Contact Us