CVE-2002-0483
First published: Tue Jun 11 2002(Updated: )
index.php for PHP-Nuke 5.4 and earlier allows remote attackers to determine the physical pathname of the web server when the file parameter is set to index.php, which triggers an error message that leaks the pathname.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| PHP-Nuke | =5.3.1 | |
| PHP-Nuke | =5.1 | |
| PHP-Nuke | =5.0 | |
| PHP-Nuke | =5.4 | |
| PHP-Nuke | =5.2a | |
| PHP-Nuke | =5.0.1 | |
| PHP-Nuke | =5.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2002-0483?
CVE-2002-0483 has a moderate severity level due to the information disclosure it can cause.
How do I fix CVE-2002-0483?
To fix CVE-2002-0483, upgrade PHP-Nuke to version 5.5 or later, which addresses this vulnerability.
What systems are affected by CVE-2002-0483?
CVE-2002-0483 affects PHP-Nuke versions 5.0 through 5.4 including earlier versions.
What kind of attack does CVE-2002-0483 facilitate?
CVE-2002-0483 facilitates information disclosure attacks by revealing the physical pathname of the web server.
Can CVE-2002-0483 be exploited remotely?
Yes, CVE-2002-0483 can be exploited remotely by sending specific requests to the affected PHP-Nuke application.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/francisco burzi
- canonical/php-nuke
- version/php-nuke/5.3.1
- version/php-nuke/5.1
- version/php-nuke/5.0
- version/php-nuke/5.4
- version/php-nuke/5.2a
- version/php-nuke/5.0.1
- version/php-nuke/5.2