CVE-2002-0953

EXPLOITED

PHP Address < 0.2f - Remote Code Execution via LangCookie Parameter

Title source: llm

Exploitation Summary

CVE-2002-0953 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including Tim Vandermeerch.

AI-analyzed exploit summary: This exploit demonstrates a remote file inclusion vulnerability in PHP-Address, allowing an attacker to execute arbitrary PHP code by including a remote script via the LangCookie parameter. The provided example shows directory listing execution via passthru().

Description

globals.php in PHP Address before 0.2f, with the PHP allow_url_fopen and register_globals variables enabled, allows remote attackers to execute arbitrary PHP code via a URL to the code in the LangCookie parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Tim Vandermeerch · text · webapps · php
https://www.exploit-db.com/exploits/21564

Classification: Working PoC (90%)
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: PHP-Address (version not specified)
No auth needed
Prerequisites: Remote web server hosting malicious PHP script · Network access to target server
devstral-2 · analyzed Feb 16, 2026

References (4)

Core References
Third Party Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2002-06/0182.html
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://online.securityfocus.com/archive/1/277987
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/5039
Exploit vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/9379.php

Scores

EPSS 0.0642
EPSS Percentile 91.3%

Details

VulnCheck KEV 2024-09-19
Status published
Products (1)
php_address/php_address 0.2e
Published Oct 04, 2002
Tracked Since Feb 18, 2026