Unrated severityNVD Advisory· Published Jul 26, 2002· Updated Apr 16, 2026

CVE-2002-0446

Description

categorie.php3 in Black Tie Project (BTP) 0.4b through 0.5b allows remote attackers to determine the absolute path of the web server via an invalid category ID (cid) parameter, which leaks the pathname in an error message.

Affected products

Black Tie Project/Black Tie Project3 versions
cpe:2.3:a:black_tie_project:black_tie_project:0.4b:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:black_tie_project:black_tie_project:0.4b:*:*:*:*:*:*:*
- cpe:2.3:a:black_tie_project:black_tie_project:0.5:*:*:*:*:*:*:*
- cpe:2.3:a:black_tie_project:black_tie_project:0.5b:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.iss.net/security_center/static/8439.phpnvdPatchVendor Advisory
www.securityfocus.com/bid/4275nvdExploitVendor Advisory
www.securityfocus.com/archive/1/261681nvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000