Paul Brereton

1 exploit Active since Dec 2002
CVE-2002-2029 EXPLOITDB text WRITEUP
Apache HTTP Server - Arbitrary File Read and Program Execution via PHP Query String
PHP, when installed on Windows with Apache and ScriptAlias for /php/ set to c:/php/, allows remote attackers to read arbitrary files and possibly execute arbitrary programs via an HTTP request for php.exe with a filename in the query string.