CVE-2002-0121
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2002-0121
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
PHP 4.0 through 4.1.1 stores session IDs in temporary files whose name contains the session ID, which allows local users to hijack web connections.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
PHP4 Session文件本地信息泄漏漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
PHP是服务器端脚本语言,设计成内嵌于HTML文件的形式,可以运行于Windows, Linux和许多Unix操作系统。PHP在Web开发上使用非常广泛。 PHP session信息默认存放在/tmp目录下,这些文件的名字包含了session ID。例如,对于/tmp/sess_g35g5g54gg45wg85文件,"g35g5g54gg45wg85"就是其Session ID。一个本地攻击者可以浏览/tmp目录的内容来获取这些session ID,并可能劫持当前Web会话,获取未授权信息。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2002-0121
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2002-0121
Please Login to view more intelligence information
Same Patch Batch · n/a · 2002-06-25 · 190 CVEs total
| CVE-2002-0027 | Microsoft Internet Explorer安全漏洞 | |
| CVE-2002-0002 | STunnel客户端协商协议格式串溢出漏洞 | |
| CVE-2002-0003 | Groff预处理器缓冲区溢出漏洞 | |
| CVE-2002-0004 | AT 畸形时间格式导致堆溢出漏洞 | |
| CVE-2002-0007 | BugZilla LDAP认证绕过漏洞 | |
| CVE-2002-0018 | Microsoft Windows网络域间信任关系提升权限漏洞(MS02-001) | |
| CVE-2002-0020 | Microsoft Telnet Server协议选项缓冲溢出漏洞(MS02-004) | |
| CVE-2002-0021 | Macintosh Microsoft Office v. X Network PID检查器服务拒绝漏洞 | |
| CVE-2002-0022 | Microsoft Internet Explorer安全漏洞 | |
| CVE-2002-0023 | Microsoft Internet Explorer安全漏洞 | |
| CVE-2002-0025 | Microsoft Internet Explorer安全漏洞 | |
| CVE-2002-0026 | Microsoft Internet Explorer安全漏洞 | |
| CVE-2002-0045 | OpenLDAP认证用户目标属性缺失漏洞 | |
| CVE-2002-0051 | Microsoft Windows 2000组策略锁定漏洞(MS02-016) | |
| CVE-2002-0050 | Microsoft Commerce Server ISAPI远程缓冲区溢出漏洞(MS02-033) | |
| CVE-2002-0049 | Microsoft Exchange Server 安全漏洞 | |
| CVE-2002-0047 | CIPE VPN数据包服务拒绝漏洞 | |
| CVE-2002-0046 | Linux kernel内存信息泄露漏洞 | |
| CVE-2002-0040 | SGI IRIX HOSTALIASES拒绝服务攻击漏洞 | |
| CVE-2002-0028 | ICQ缓冲区溢出漏洞 |
Showing top 20 of 190 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8196
JeecgBoot mLogin Endpoint LoginController.java authorization - CVE-2026-8195
JeecgBoot SVG File CommonController.java cross site scriptin - CVE-2026-8194
osTicket Dispatcher class.dispatcher.php cross-site request - CVE-2026-8193
Akaunting Invoice PDF Rendering dompdf.php server-side reque - CVE-2026-8186
Open5GS NF client.c ogs_sbi_client_send_via_scp_or_sepp out-
V. Comments for CVE-2002-0121
No comments yet