VYPR
Critical severity9.8NVD Advisory· Published Aug 26, 2018· Updated Jun 16, 2026

CVE-2011-2767

CVE-2011-2767

Description

mod_perl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the documentation) there is no configuration option that permits Perl code for the administrator's control of HTTP request processing without also permitting unprivileged users to run Perl code in the context of the user account that runs Apache HTTP Server processes.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

14

Patches

Vulnerability mechanics

References

12

News mentions

0

No linked articles in our index yet.