CVE-2002-2134

PEEL 1.0b - RCE

Title source: llm

Description

haut.php in PEEL 1.0b allows remote attackers to execute arbitrary PHP code by modifying the dirroot parameter to reference a URL on a remote web server that contains the code in a lang.php file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by frog · textwebappsphp

https://www.exploit-db.com/exploits/22114

View Code ZIP pw:eip

References (5)

[Third Party Advisory] http://secunia.com/advisories/7797

[Third Party Advisory] http://www.iss.net/security_center/static/10960.php

[Exploit, Patch] http://www.securityfocus.com/archive/1/304779

[Exploit] http://www.securityfocus.com/bid/6496

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1005869

Scores

EPSS 0.0460

EPSS Percentile 89.1%

Classification

Status draft

Affected Products (1)

peel/peel

Timeline

Published Dec 31, 2002

Tracked Since Feb 18, 2026