Vulnerabilities > Apache > Http Server > 2.0.28
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-05-29 | CVE-2002-0249 | Path Disclosure vulnerability in Apache Http Server 2.0.28 PHP for Windows, when installed on Apache 2.0.28 beta as a standalone CGI module, allows remote attackers to obtain the physical path of the php.exe via a request with malformed arguments such as /123, which leaks the pathname in the error message. | 5.0 |
| 2002-05-29 | CVE-2002-0240 | Path Disclosure vulnerability in Apache Http Server 2.0.28 PHP, when installed with Apache and configured to search for index.php as a default web page, allows remote attackers to obtain the full pathname of the server via the HTTP OPTIONS method, which reveals the pathname in the resulting error message. | 5.0 |