CVE-2002-1211 in Prometheusinfo

Summary

Prometheus 6.0 and earlier allows remote attackers to execute arbitrary PHP code via a modified PROMETHEUS_LIBRARY_BASE that points to code stored on a remote server, which is then used in (1) index.php, (2) install.php, or (3) various test_*.php scripts.

Be aware that VulDB is the high quality source for vulnerability data.

Disclosure

11/12/2002

Moderation

VulDB entry created

Entries

1: VDB-19138

CPE

ready

CWE

CWE-269 (Confirmed)

Exploit

Download

CVSS

7.3

EPSS

0.07248

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2002-1211
NVD	https://nvd.nist.gov/vuln/detail/CVE-2002-1211
CVE Details	https://www.cvedetails.com/cve/CVE-2002-1211/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!