CVE-2002-2029
Apache HTTP Server - Arbitrary File Read and Program Execution via PHP Query String
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2002-2029. PoCs published by Paul Brereton.
AI-analyzed exploit summary This is a writeup describing a path traversal vulnerability in Apache PHP.EXE on Windows, allowing arbitrary file disclosure or execution of binaries in the PHP directory via crafted URLs.
Description
PHP, when installed on Windows with Apache and ScriptAlias for /php/ set to c:/php/, allows remote attackers to read arbitrary files and possibly execute arbitrary programs via an HTTP request for php.exe with a filename in the query string.
Exploits (1)
This is a writeup describing a path traversal vulnerability in Apache PHP.EXE on Windows, allowing arbitrary file disclosure or execution of binaries in the PHP directory via crafted URLs.