Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2002-0121
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
PHP 4.0 through 4.1.1 stores session IDs in temporary files whose name contains the session ID, which allows local users to hijack web connections.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
PHP4 Session文件本地信息泄漏漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
PHP是服务器端脚本语言,设计成内嵌于HTML文件的形式,可以运行于Windows, Linux和许多Unix操作系统。PHP在Web开发上使用非常广泛。 PHP session信息默认存放在/tmp目录下,这些文件的名字包含了session ID。例如,对于/tmp/sess_g35g5g54gg45wg85文件,"g35g5g54gg45wg85"就是其Session ID。一个本地攻击者可以浏览/tmp目录的内容来获取这些session ID,并可能劫持当前Web会话,获取未授权信息。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
-n/a n/a -
II. Public POCs for CVE-2002-0121
#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2002-0121
Please Login to view more intelligence information
IV. Related Vulnerabilities
Same product: n/a
Same vendor: n/a
V. Comments for CVE-2002-0121

No comments yet

Leave a comment