CVE: CVE-2002-0614

Export to Word

PHP-Survey 20000615 and earlier stores the global.inc file under the web root, which allows remote attackers to obtain sensitive information, including database credentials, if .inc files are not preprocessed by the server.

Threat-Mapped Scoring

Score: 3.0

Priority: P2 - Serious (High)

S1 – Steal Customer Account Information

EPSS

Score: 0.00808
Percentile: 0.7322

CVSS Scoring

CVSS v2 Score: 5.0

Severity:

Affected Products

cpe:2.3:a:php-survey:php-survey:2000-04-20:*:*:*:*:*:*:*
cpe:2.3:a:php-survey:php-survey:2000-04-21:*:*:*:*:*:*:*
cpe:2.3:a:php-survey:php-survey:2000-06-14:*:*:*:*:*:*:*
cpe:2.3:a:php-survey:php-survey:2000-06-14b:*:*:*:*:*:*:*
cpe:2.3:a:php-survey:php-survey:2000-06-15:*:*:*:*:*:*:*
cpe:2.3:a:php-survey:php-survey:prebeta2000-03-27:*:*:*:*:*:*:*

← Back to Home