Back to search
CVE-2002-0240
Published: May 3, 2002
Modified: Aug 8, 2024
PUBLISHED
Description
PHP, when installed with Apache and configured to search for index.php as a default web page, allows remote attackers to obtain the full pathname of the server via the HTTP OPTIONS method, which reveals the pathname in the resulting error message.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
4057
vdb-entry
x_refsource_BID
20020207 PHP Advisory #2
mailing-list
x_refsource_BUGTRAQ
apache-php-options-information(8119)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now