Vulnerabilities > CVE-2002-0953 - Remote File Include vulnerability in PHP Address PHP Address 0.2E

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
php-address
exploit available

Summary

globals.php in PHP Address before 0.2f, with the PHP allow_url_fopen and register_globals variables enabled, allows remote attackers to execute arbitrary PHP code via a URL to the code in the LangCookie parameter.

Vulnerable Configurations

Part Description Count
Application
Php_Address
1

Exploit-Db

descriptionPHP-Address 0.2 e Remote File Include Vulnerability. CVE-2002-0953. Webapps exploit for php platform
idEDB-ID:21564
last seen2016-02-02
modified2002-06-17
published2002-06-17
reporterTim Vandermeerch
sourcehttps://www.exploit-db.com/download/21564/
titlePHP-Address 0.2 e Remote File Include Vulnerability