Vulnerability Details CVE-2002-1759
The upload function in PHProjekt 2.0 through 3.1 does not properly verify certain variables related to uploaded data, which allows remote attackers to cause PHProjekt to process arbitrary files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.6%
CVSS Severity
CVSS v2 Score 5.0
References
- http://archive.cert.uni-stuttgart.de/archive/bugtraq/2002/04/msg00361.html
- http://www.securityfocus.com/bid/4597
- https://exchange.xforce.ibmcloud.com/vulnerabilities/8944
- http://archive.cert.uni-stuttgart.de/archive/bugtraq/2002/04/msg00361.html
- http://www.securityfocus.com/bid/4597
- https://exchange.xforce.ibmcloud.com/vulnerabilities/8944
Products affected by CVE-2002-1759
-
cpe:2.3:a:phprojekt:phprojekt:2.0
-
cpe:2.3:a:phprojekt:phprojekt:2.0.1
-
cpe:2.3:a:phprojekt:phprojekt:2.1
-
cpe:2.3:a:phprojekt:phprojekt:2.1a
-
cpe:2.3:a:phprojekt:phprojekt:2.2
-
cpe:2.3:a:phprojekt:phprojekt:2.3
-
cpe:2.3:a:phprojekt:phprojekt:2.4
-
cpe:2.3:a:phprojekt:phprojekt:2.4a
-
cpe:2.3:a:phprojekt:phprojekt:3.0
-
cpe:2.3:a:phprojekt:phprojekt:3.1
-
cpe:2.3:a:phprojekt:phprojekt:3.1a