Unrated severityNVD Advisory· Published Dec 31, 2002· Updated Jun 16, 2026
CVE-2002-2029
CVE-2002-2029
Description
PHP, when installed on Windows with Apache and ScriptAlias for /php/ set to c:/php/, allows remote attackers to read arbitrary files and possibly execute arbitrary programs via an HTTP request for php.exe with a filename in the query string.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
11cpe:2.3:a:apache:http_server:1.3.11:*:*:*:*:*:*:*+ 9 more
- cpe:2.3:a:apache:http_server:1.3.11:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.3.12:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.3.13:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.3.14:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.3.15:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.3.16:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.3.17:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.3.18:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.3.19:*:*:*:*:*:*:*
- cpe:2.3:a:apache:http_server:1.3.20:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3News mentions
0No linked articles in our index yet.