Lucene search

[email protected]NVD:CVE-2000-0860

HistoryNov 14, 2000 - 5:00 a.m.

CVE-2000-0860

2000-11-1405:00:00

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

82.1%

JSON

The file upload capability in PHP versions 3 and 4 allows remote attackers to read arbitrary files by setting hidden form fields whose names match the names of internal PHP script variables.

Affected configurations

NVD

Node

phpphpMatch1.0

phpphpMatch2.0

phpphpMatch2.0b10

phpphpMatch3.0

phpphpMatch3.0.1

phpphpMatch3.0.2

phpphpMatch3.0.3

phpphpMatch3.0.4

phpphpMatch3.0.5

phpphpMatch3.0.6

phpphpMatch3.0.7

phpphpMatch3.0.8

phpphpMatch3.0.9

phpphpMatch3.0.10

phpphpMatch3.0.11

phpphpMatch3.0.12

phpphpMatch3.0.13

phpphpMatch4.0

References

archives.neohapsis.com/archives/bugtraq/2000-08/0455.html

archives.neohapsis.com/archives/bugtraq/2000-08/0477.html

archives.neohapsis.com/archives/bugtraq/2000-09/0150.html

cvsweb.php.net/viewcvs.cgi/php4/main/rfc1867.c.diff?r1=1.38%3Aphp_4_0_2&tr1=1.1&r2=text&tr2=1.45&diff_format=u

www.securityfocus.com/bid/1649

exchange.xforce.ibmcloud.com/vulnerabilities/5190

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

6.7 Medium

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

82.1%

JSON

Related for NVD:CVE-2000-0860

nessus2 cve1 cvelist1