Lucene search
MitreCVE-2002-1211HistorySep 01, 2004 - 4:00 a.m.
CVE-2002-1211
2004-09-0104:00:00
mitre
web.nvd.nist.gov
31
prometheus 6.0
rce
php code execution
remote code execution
nvd
cve-2002-1211
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.4
Confidence
High
EPSS
0.044
Percentile
92.4%
Prometheus 6.0 and earlier allows remote attackers to execute arbitrary PHP code via a modified PROMETHEUS_LIBRARY_BASE that points to code stored on a remote server, which is then used in (1) index.php, (2) install.php, or (3) various test_*.php scripts.
Affected configurations
Node
jason_orcuttprometheusMatch3.0_beta
ORjason_orcuttprometheusMatch4.0_beta
ORjason_orcuttprometheusMatch6.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| jason_orcutt | prometheus | 3.0_beta | cpe:2.3:a:jason_orcutt:prometheus:3.0_beta:*:*:*:*:*:*:* |
| jason_orcutt | prometheus | 4.0_beta | cpe:2.3:a:jason_orcutt:prometheus:4.0_beta:*:*:*:*:*:*:* |
| jason_orcutt | prometheus | 6.0 | cpe:2.3:a:jason_orcutt:prometheus:6.0:*:*:*:*:*:*:* |
Related
exploitdb
exploitdb
Jason Orcutt Prometheus 3.0/4.0/6.0 - Remote File Inclusion
2002-11-01 00:00:00
cvelist
cvelist
CVE-2002-1211
2004-09-01 04:00:00
securityvulns
securityvulns
nvd
nvd
CVE-2002-1211
2002-11-12 05:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.4
Confidence
High
EPSS
0.044
Percentile
92.4%
Related for CVE-2002-1211