CVE-2002-1149

{"id": "CVE-2002-1149", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2002-10-11T04:00:00.000", "references": [{"url": "http://marc.info/?l=bugtraq&m=103290602609197&w=2", "source": "cve@mitre.org"}, {"url": "http://www.iss.net/security_center/static/10178.php", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/3356", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/5789", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "The installation procedure for Invision Board suggests that users install the phpinfo.php program under the web root, which leaks sensitive information such as absolute pathnames, OS information, and PHP settings."}, {"lang": "es", "value": "El procedimiento de instalaci\u00f3n en Invision Board sugiere que los usuarios instalen el programa phpinfo.php en la ra\u00edz del web, lo que filtra informaci\u00f3n sensible como nombres de rutas, informaci\u00f3n del SO, y configuraci\u00f3n de php."}], "lastModified": "2016-10-18T02:24:06.827", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:invision_power_services:invision_board:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7AC7F0E6-7DA6-41E3-9F73-4FFF699195C2"}, {"criteria": "cpe:2.3:a:invision_power_services:invision_board:1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EAA35A95-B8FD-4ED8-95E0-409E50BF13AA"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}