CyberSec.Space Logo
Back to CVE Browser

CVE-2002-0434

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0170%
EPSS Percentile27.53th
PublishedJul 26, 2002
Last ModifiedApr 16, 2026

Vulnerability Description

Marcus S. Xenakis directory.php script allows remote attackers to execute arbitrary commands via shell metacharacters in the dir parameter.

Affected Platforms (CPE)

πŸ“¦
Marcus S. Xenakis

Directory.php

All versions

References & Advisories

πŸ”— http://www.iss.net/security_center/static/8440.php
πŸ”— http://www.securityfocus.com/archive/1/261512
πŸ”— http://www.securityfocus.com/bid/4278
πŸ”— http://www.iss.net/security_center/static/8440.php
πŸ”— http://www.securityfocus.com/archive/1/261512
πŸ”— http://www.securityfocus.com/bid/4278

Related Vulnerabilities

CVE-2004-106310.0

PHP 4.x to 4.3.9, and PHP 5.x to 5.0.2, when running in safe mode on a multithreaded Unix webserver, allows local users to bypass ...

CVE-2004-122710.0

Directory traversal vulnerability in SugarCRM Sugar Sales 2.0.1c and earlier allows remote attackers to read arbitrary files and p...

CVE-2020-2521310.0

The File Manager (wp-file-manager) plugin before 6.9 for WordPress allows remote attackers to upload and execute arbitrary PHP cod...

CVE-2007-164310.0

Multiple PHP remote file inclusion vulnerabilities in LAN Management System (LMS) 1.8.9 Vala and earlier allow remote attackers to...